You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@struts.apache.org by Robert <rl...@apache.org> on 2012/03/10 17:27:41 UTC
Demoting older Struts releases
I was under the impression that any release past or present could be
demoted if deficiency were found.
Perhaps this has been done but may not be clear to a casual user. The page
http://struts.apache.org/downloads.html
does only list two releases. However, below that is the wording:
'As a courtesy, we retain archival copies of the website for each
"General Availability" release. Product support for older releases may
be limited.'
As a casual user I might believe an older release is more "stable" and
still considered a GA release, when in fact there are deficiencies that
should rule it out of consideration.
It would see that possibly the sentence:
Product support for older releases may be limited.
Could be revised but several attempts to revise this to point out that
older release may have vulnerabilities or bugs either sounded too severe
or too mild.
Thoughts?
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org
Re: Demoting older Struts releases
Posted by Łukasz Lenart <lu...@googlemail.com>.
Found them out in the source ;-)
On 02 Apr 2012 9:58 AM, "Łukasz Lenart" <lu...@googlemail.com>
wrote:
Thanks, but didn't help :-/
>
> On 02 Apr 2012 2:17 AM, "Wendy Smoak" <ws...@gmail.com> wrote:
>
> 2012/4/1 Łukasz Lenart <luk...
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-u...
Re: Demoting older Struts releases
Posted by Łukasz Lenart <lu...@googlemail.com>.
Thanks, but didn't help :-/
On 02 Apr 2012 2:17 AM, "Wendy Smoak" <ws...@gmail.com> wrote:
2012/4/1 Łukasz Lenart <lu...@googlemail.com>:
> Done, I'm missing some release dates, how to find them ?
Check the archives of the announcements list?
http://mail-archives.apache.org/mod_mbox/struts-announcements/
--
Wendy
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-u...
Re: Demoting older Struts releases
Posted by Wendy Smoak <ws...@gmail.com>.
2012/4/1 Łukasz Lenart <lu...@googlemail.com>:
> Done, I'm missing some release dates, how to find them ?
Check the archives of the announcements list?
http://mail-archives.apache.org/mod_mbox/struts-announcements/
--
Wendy
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org
Re: Demoting older Struts releases
Posted by Łukasz Lenart <lu...@googlemail.com>.
Done, I'm missing some release dates, how to find them ?
Regards
--
Łukasz http://www.lenart.org.pl/
mobile +48 606 323 122, office +27 11 0838747
Warszawa JUG conference - Confitura http://confitura.pl/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org
Re: Demoting older Struts releases
Posted by Rob Leland <le...@speakeasy.net>.
On 3/22/2012 3:54 PM, Łukasz Lenart wrote:
> I think that's the best part, even without reclassification it clear
> shows why to upgrade to latest GA. I think we can introduce that
> change smoothly, by consensus. Any objections ?
Your right that would be more effective than reclassification!
>
>
> Kind regards
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org
Re: Demoting older Struts releases
Posted by Łukasz Lenart <lu...@googlemail.com>.
2012/3/22 Robert <rl...@apache.org>:
> There is not a perfect solution, as Dave indicated beta may not mean much to
> managers.
Yeah, it does nothing ;-) Beta, Alpha, GA is all the same for them.
> A hard line approach would be to reclassify all prior releases of Struts 2,
> as beta or alpha, does Struts have a not recommended classification ?
No, we just strongly advise to upgrade.
> Then change the download page,http://struts.apache.org/downloads.html,
> wording for older releases
>
> from:
> 'As a courtesy, we retain archival copies of the website for each "General
> Availability" release.'
>
> to
> 'As a courtesy, we retain archival copies of the website for releases that
> initially were considered "General Availability"
> but which has been reclassified as "Not recommended" since they contain
> security issues'
> ^ or beta/alpha ^
Hmm... interesting idea, worth consideration :-)
> Then instead of listing just the prior version of the web site, explicitly
> list the vulnerabilities these releases are known/assumed to contain.
>
> Struts 2.X Releases
> Release, Approx Rel Date, Vulnerability
>
> Struts 2.3.1.1 , 2012/1/23 S2-009
> Struts 2.3.1, 2011/12/14, S2-008 likely : S2-009
> Struts 2.2.3.1, 2011/9/7, likely : S2-008, S2-009
> Struts 2.2.3 , 2011/5/7, S2-007 likely : S2-008, S2-009
> Struts 2.2.1.1 , 2010/12/21, S2-006 likely : S2-007, S2-008, S2-009
> Struts 2.2.1, 2010/8/16 likely : S2-006, S2-007, S2-008,
> S2-009
> Struts 2.1.8.1, 2010/8/16 S2-005 likely : S2-006, S2-007,
> S2-008, S2-009
> Struts 2.1.8, 2009/9/30, likely : S2-005, S2-006, S2-007,
> S2-008, S2-009
> Struts 2.1.6, 2009/1/5, likely : S2-005, S2-006, S2-007,
> S2-008, S2-009
> Struts 2.0.14, 2008/11/16, likely : S2-005, S2-006, S2-007, S2-008,
> S2-009
> Struts 2.0.12, 2008/10/16, likely : S2-005, S2-006, S2-007, S2-008,
> S2-009
> Struts 2.0.11.2, 2008/6/22, S2-004, S2-003, likely : S2-005,
> S2-006, S2-007, S2-008, S2-009
> Struts 2.0.11.1, 2008/3/2, likely : S2-003, S2-004, S2-005,
> S2-006, S2-007, S2-008, S2-009
> Struts 2.0.11, 2007/9/21, S2-002 likely : S2-003, S2-004,
> S2-005, S2-006, S2-007, S2-008, S2-009
> Struts 2.0.9, 2007/7/23, likely : S2-002, S2-003, S2-004,
> S2-005, S2-006, S2-007, S2-008, S2-009
> Struts 2.0.8, 2007/6/6, S2-001 likely : S2-002, S2-003,
> S2-004, S2-005, S2-006, S2-007, S2-008, S2-009
> Struts 2.0.6, 2007/2/18, S2-001 likely : S2-002, S2-003,
> S2-004, S2-005, S2-006, S2-007, S2-008, S2-009
I think that's the best part, even without reclassification it clear
shows why to upgrade to latest GA. I think we can introduce that
change smoothly, by consensus. Any objections ?
Kind regards
--
Łukasz http://www.lenart.org.pl/
mobile +48 606 323 122, office +27 11 0838747
Warszawa JUG conference - Confitura http://confitura.pl/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org
Re: Demoting older Struts releases
Posted by Robert <rl...@apache.org>.
On 3/21/2012 11:50 PM, Robert wrote:
> On 3/20/2012 3:53 PM, Łukasz Lenart wrote:
>> What do you propose ?
>
As text
There is not a perfect solution, as Dave indicated beta may not mean
much to managers.
A hard line approach would be to reclassify all prior releases of Struts
2, as beta or alpha, does Struts have a not recommended classification ?
Struts 2.3.1.1,2.3.1
Struts 2.2.3.1,2.2.3,2.2.1.1,2.2.1
Struts 2.1.8.1,2.1.8,2.1.6
Struts 2.0.14,2.0.12,2.0.11.2,2.0.11.1,2.0.11,2.0.9, 2.0.8, 2.0.6
Then change the download page,http://struts.apache.org/downloads.html,
wording for older releases
from:
'As a courtesy, we retain archival copies of the website for each
"General Availability" release.'
to
'As a courtesy, we retain archival copies of the website for releases
that initially were considered "General Availability"
but which has been reclassified as "Not recommended" since they contain
security issues'
^ or beta/alpha ^
Then instead of listing just the prior version of the web site,
explicitly list the vulnerabilities these releases are known/assumed to
contain.
Struts 2.X Releases
Release, Approx Rel Date, Vulnerability
Struts 2.3.1.1 , 2012/1/23 S2-009
Struts 2.3.1, 2011/12/14, S2-008 likely : S2-009
Struts 2.2.3.1, 2011/9/7, likely : S2-008, S2-009
Struts 2.2.3 , 2011/5/7, S2-007 likely : S2-008, S2-009
Struts 2.2.1.1 , 2010/12/21, S2-006 likely : S2-007, S2-008,
S2-009
Struts 2.2.1, 2010/8/16 likely : S2-006, S2-007,
S2-008, S2-009
Struts 2.1.8.1, 2010/8/16 S2-005 likely : S2-006,
S2-007, S2-008, S2-009
Struts 2.1.8, 2009/9/30, likely : S2-005, S2-006,
S2-007, S2-008, S2-009
Struts 2.1.6, 2009/1/5, likely : S2-005, S2-006,
S2-007, S2-008, S2-009
Struts 2.0.14, 2008/11/16, likely : S2-005, S2-006, S2-007,
S2-008, S2-009
Struts 2.0.12, 2008/10/16, likely : S2-005, S2-006, S2-007,
S2-008, S2-009
Struts 2.0.11.2, 2008/6/22, S2-004, S2-003, likely :
S2-005, S2-006, S2-007, S2-008, S2-009
Struts 2.0.11.1, 2008/3/2, likely : S2-003, S2-004, S2-005,
S2-006, S2-007, S2-008, S2-009
Struts 2.0.11, 2007/9/21, S2-002 likely : S2-003,
S2-004, S2-005, S2-006, S2-007, S2-008, S2-009
Struts 2.0.9, 2007/7/23, likely : S2-002, S2-003,
S2-004, S2-005, S2-006, S2-007, S2-008, S2-009
Struts 2.0.8, 2007/6/6, S2-001 likely : S2-002,
S2-003, S2-004, S2-005, S2-006, S2-007, S2-008, S2-009
Struts 2.0.6, 2007/2/18, S2-001 likely : S2-002,
S2-003, S2-004, S2-005, S2-006, S2-007, S2-008, S2-009
Struts 1.X Releases
Struts 1.3.8
Struts 1.3.5
Struts 1.2.9
Struts 1.2.8
Struts 1.2.7
Struts 1.2.4
Struts 1.1
Struts 1.0.2
It may seem drastic but if the list of security issues next to releases
doesn't encourage upgrading I don't know what will.
Now to talk to my manager :)!
-Rob
>
>>
>> Regards
>
Re: Demoting older Struts releases
Posted by Robert <rl...@apache.org>.
On 3/20/2012 3:53 PM, Łukasz Lenart wrote:
> What do you propose ?
There is not a perfect solution, as Dave indicated beta may not mean
much to managers.
A hard line approach would be to reclassify all prior releases of Struts
2, as beta or alpha, does Struts have a not recommended classification ?
Struts 2.3.1.1,2.3.1
Struts 2.2.3.1,2.2.3,2.2.1.1,2.2.1
Struts 2.1.8.1,2.1.8,2.1.6
Struts 2.0.14,2.0.12,2.0.11.2,2.0.11.1,2.0.11,2.0.9, 2.0.8, 2.0.6
Then change the download page,http://struts.apache.org/downloads.html,
wording for older releases
from:
'As a courtesy, we retain archival copies of the website for each
"General Availability" release.'
to
'As a courtesy, we retain archival copies of the website for releases
that initially were considered "General Availability"
but which has been reclassified as "Not recommended" since they contain
security issues'
^ or
beta/alpha ^
Then instead of listing just the prior version of the web site,
explicitly list the vulnerabilities these releases are known/assumed to
contain.
Struts 2.X Releases
Release, Approx Rel Date, Vulnerability
* Struts 2.3.1.1 <http://struts.apache.org/2.3.1.1/index.html> ,
2012/1/23 S2-009
<https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.3.1 <http://struts.apache.org/2.3.1/index.html>,
2011/12/14, S2-008
<https://cwiki.apache.org/confluence/display/WW/S2-008> likely :
S2-009 <https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.2.3.1 <http://struts.apache.org/2.2.3.1/index.html>,
2011/9/7, likely : S2-008
<https://cwiki.apache.org/confluence/display/WW/S2-008>, S2-009
<https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.2.3 <http://struts.apache.org/2.2.3/index.html> ,
2011/5/7, S2-007
<https://cwiki.apache.org/confluence/display/WW/S2-007> likely :
S2-008 <https://cwiki.apache.org/confluence/display/WW/S2-008>,
S2-009 <https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.2.1.1 <http://struts.apache.org/2.2.1.1/index.html> ,
2010/12/21, S2-006
<https://cwiki.apache.org/confluence/display/WW/S2-006> likely :
S2-007 <https://cwiki.apache.org/confluence/display/WW/S2-007>,
S2-008 <https://cwiki.apache.org/confluence/display/WW/S2-008>,
S2-009 <https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.2.1 <http://struts.apache.org/2.2.1/index.html>,
2010/8/16 likely : S2-006
<https://cwiki.apache.org/confluence/display/WW/S2-006>, S2-007
<https://cwiki.apache.org/confluence/display/WW/S2-007>, S2-008
<https://cwiki.apache.org/confluence/display/WW/S2-008>, S2-009
<https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.1.8.1 <http://struts.apache.org/2.1.8.1/index.html>,
2010/8/16 S2-005
<https://cwiki.apache.org/confluence/display/WW/S2-005> likely :
S2-006 <https://cwiki.apache.org/confluence/display/WW/S2-006>,
S2-007 <https://cwiki.apache.org/confluence/display/WW/S2-007>,
S2-008 <https://cwiki.apache.org/confluence/display/WW/S2-008>,
S2-009 <https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.1.8 <http://struts.apache.org/2.1.8/index.html>,
2009/9/30, likely : S2-005
<https://cwiki.apache.org/confluence/display/WW/S2-005>, S2-006
<https://cwiki.apache.org/confluence/display/WW/S2-006>, S2-007
<https://cwiki.apache.org/confluence/display/WW/S2-007>, S2-008
<https://cwiki.apache.org/confluence/display/WW/S2-008>, S2-009
<https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.1.6 <http://struts.apache.org/2.1.6/index.html>,
2009/1/5, likely : S2-005
<https://cwiki.apache.org/confluence/display/WW/S2-005>, S2-006
<https://cwiki.apache.org/confluence/display/WW/S2-006>, S2-007
<https://cwiki.apache.org/confluence/display/WW/S2-007>, S2-008
<https://cwiki.apache.org/confluence/display/WW/S2-008>, S2-009
<https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.0.14 <http://struts.apache.org/2.0.14/index.html>,
2008/11/16, likely : S2-005
<https://cwiki.apache.org/confluence/display/WW/S2-005>, S2-006
<https://cwiki.apache.org/confluence/display/WW/S2-006>, S2-007
<https://cwiki.apache.org/confluence/display/WW/S2-007>, S2-008
<https://cwiki.apache.org/confluence/display/WW/S2-008>, S2-009
<https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.0.12 <http://struts.apache.org/2.0.12/index.html>,
2008/10/16, likely : S2-005
<https://cwiki.apache.org/confluence/display/WW/S2-005>, S2-006
<https://cwiki.apache.org/confluence/display/WW/S2-006>, S2-007
<https://cwiki.apache.org/confluence/display/WW/S2-007>, S2-008
<https://cwiki.apache.org/confluence/display/WW/S2-008>, S2-009
<https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.0.11.2 <http://struts.apache.org/2.0.11.2/index.html>,
2008/6/22, S2-004
<https://cwiki.apache.org/confluence/display/WW/S2-004>, S2-003
<https://cwiki.apache.org/confluence/display/WW/S2-003>, likely :
S2-005 <https://cwiki.apache.org/confluence/display/WW/S2-005>,
S2-006 <https://cwiki.apache.org/confluence/display/WW/S2-006>,
S2-007 <https://cwiki.apache.org/confluence/display/WW/S2-007>,
S2-008 <https://cwiki.apache.org/confluence/display/WW/S2-008>,
S2-009 <https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.0.11.1 <http://struts.apache.org/2.0.11.1/index.html>,
2008/3/2, likely : S2-003
<https://cwiki.apache.org/confluence/display/WW/S2-003>, S2-004
<https://cwiki.apache.org/confluence/display/WW/S2-004>, S2-005
<https://cwiki.apache.org/confluence/display/WW/S2-005>, S2-006
<https://cwiki.apache.org/confluence/display/WW/S2-006>, S2-007
<https://cwiki.apache.org/confluence/display/WW/S2-007>, S2-008
<https://cwiki.apache.org/confluence/display/WW/S2-008>, S2-009
<https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.0.11 <http://struts.apache.org/2.0.11/index.html>,
2007/9/21, S2-002
<https://cwiki.apache.org/confluence/display/WW/S2-002> likely :
S2-003 <https://cwiki.apache.org/confluence/display/WW/S2-003>,
S2-004 <https://cwiki.apache.org/confluence/display/WW/S2-004>,
S2-005 <https://cwiki.apache.org/confluence/display/WW/S2-005>,
S2-006 <https://cwiki.apache.org/confluence/display/WW/S2-006>,
S2-007 <https://cwiki.apache.org/confluence/display/WW/S2-007>,
S2-008 <https://cwiki.apache.org/confluence/display/WW/S2-008>,
S2-009 <https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.0.9 <http://struts.apache.org/2.0.9/index.html>,
2007/7/23, likely : S2-002
<https://cwiki.apache.org/confluence/display/WW/S2-002>, S2-003
<https://cwiki.apache.org/confluence/display/WW/S2-003>, S2-004
<https://cwiki.apache.org/confluence/display/WW/S2-004>, S2-005
<https://cwiki.apache.org/confluence/display/WW/S2-005>, S2-006
<https://cwiki.apache.org/confluence/display/WW/S2-006>, S2-007
<https://cwiki.apache.org/confluence/display/WW/S2-007>, S2-008
<https://cwiki.apache.org/confluence/display/WW/S2-008>, S2-009
<https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.0.8 <http://struts.apache.org/2.0.8/index.html>,
2007/6/6, S2-001
<https://cwiki.apache.org/confluence/display/WW/S2-001> likely :
S2-002 <https://cwiki.apache.org/confluence/display/WW/S2-002>,
S2-003 <https://cwiki.apache.org/confluence/display/WW/S2-003>,
S2-004 <https://cwiki.apache.org/confluence/display/WW/S2-004>,
S2-005 <https://cwiki.apache.org/confluence/display/WW/S2-005>,
S2-006 <https://cwiki.apache.org/confluence/display/WW/S2-006>,
S2-007 <https://cwiki.apache.org/confluence/display/WW/S2-007>,
S2-008 <https://cwiki.apache.org/confluence/display/WW/S2-008>,
S2-009 <https://cwiki.apache.org/confluence/display/WW/S2-009>
* Struts 2.0.6 <http://struts.apache.org/2.0.6/index.html>,
2007/2/18, S2-001
<https://cwiki.apache.org/confluence/display/WW/S2-001> likely :
S2-002 <https://cwiki.apache.org/confluence/display/WW/S2-002>,
S2-003 <https://cwiki.apache.org/confluence/display/WW/S2-003>,
S2-004 <https://cwiki.apache.org/confluence/display/WW/S2-004>,
S2-005 <https://cwiki.apache.org/confluence/display/WW/S2-005>,
S2-006 <https://cwiki.apache.org/confluence/display/WW/S2-006>,
S2-007 <https://cwiki.apache.org/confluence/display/WW/S2-007>,
S2-008 <https://cwiki.apache.org/confluence/display/WW/S2-008>,
S2-009 <https://cwiki.apache.org/confluence/display/WW/S2-009>
Struts 1.X Releases
* Struts 1.3.8 <http://struts.apache.org/1.3.8/index.html>
* Struts 1.3.5 <http://struts.apache.org/1.3.5/index.html>
* Struts 1.2.9 <http://struts.apache.org/1.2.9/index.html>
* Struts 1.2.8 <http://struts.apache.org/1.2.8/index.htm>
* Struts 1.2.7 <http://struts.apache.org/1.2.7/index.html>
* Struts 1.2.4 <http://struts.apache.org/1.2.4/index.html>
* Struts 1.1 <http://struts.apache.org/1.1/index.html>
* Struts 1.0.2 <http://struts.apache.org/1.0.2/index.html>
It may seem drastic but if the list of security issues next to releases
doesn't encourage upgrading I don't know what will.
Now to talk to my manager :)!
-Rob
>
>
> Regards
Re: Demoting older Struts releases
Posted by Łukasz Lenart <lu...@googlemail.com>.
2012/3/20 Robert Leland <rl...@apache.org>:
> Its more on encouraging users to move to releases where bug fixes and
> security vulnerability fixes have been made.
Ok, but still unclear for me :/
> From the ancient Struts 1.2.0 release notes:
> The /vote/ may also serve to /reclassify/ the /release/ to be of /Beta/ or
> /General Availability/ (/GA/) quality, as defined by the Apache HTTPD
> project. Subsequent /votes/ may /reclassify/ the /release/, either to
> promote it or to /demote/ it, as need be.
>
> This may not be the way releases are handled now days.
> Since the comitters are the ones who do the work, they make the decisions,
> and reclassification would add more work.
>
> It would give developers more justification to upgrade to a newer version of
> Struts, since managers can grasp Beta vs GA.
What do you propose ?
Regards
--
Łukasz http://www.lenart.org.pl/
mobile +48 606 323 122, office +27 11 0838747
Warszawa JUG conference - Confitura http://confitura.pl/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org
Re: Demoting older Struts releases
Posted by Dave Newton <da...@gmail.com>.
On Tue, Mar 20, 2012 at 1:14 PM, Robert Leland wrote:
> [...] managers can grasp Beta vs GA.
>
Your optimism tickles my funny bone ;)
Dave
Re: Demoting older Struts releases
Posted by Robert Leland <rl...@apache.org>.
Its more on encouraging users to move to releases where bug fixes and
security vulnerability fixes have been made.
From the ancient Struts 1.2.0 release notes:
The /vote/ may also serve to /reclassify/ the /release/ to be of /Beta/
or /General Availability/ (/GA/) quality, as defined by the Apache HTTPD
project. Subsequent /votes/ may /reclassify/ the /release/, either to
promote it or to /demote/ it, as need be.
This may not be the way releases are handled now days.
Since the comitters are the ones who do the work, they make the
decisions, and reclassification would add more work.
It would give developers more justification to upgrade to a newer
version of Struts, since managers can grasp Beta vs GA.
On 3/13/2012 3:30 AM, Łukasz Lenart wrote:
> 2012/3/10 Robert<rl...@apache.org>:
>> I was under the impression that any release past or present could be demoted
>> if deficiency were found.
>>
>> Perhaps this has been done but may not be clear to a casual user. The page
>> http://struts.apache.org/downloads.html
>> does only list two releases. However, below that is the wording:
>>
>> 'As a courtesy, we retain archival copies of the website for each "General
>> Availability" release. Product support for older releases may be limited.'
>>
>> As a casual user I might believe an older release is more "stable" and still
>> considered a GA release, when in fact there are deficiencies that should
>> rule it out of consideration.
>>
>> It would see that possibly the sentence:
>>
>> Product support for older releases may be limited.
>>
>> Could be revised but several attempts to revise this to point out that older
>> release may have vulnerabilities or bugs either sounded too severe or too
>> mild.
>>
>> Thoughts?
> Hmm... I don't understand what you mean :-(
> Do you want to completely remove the older versions from the download page ?
>
>
> Regards
Re: Demoting older Struts releases
Posted by Łukasz Lenart <lu...@googlemail.com>.
2012/3/10 Robert <rl...@apache.org>:
>
> I was under the impression that any release past or present could be demoted
> if deficiency were found.
>
> Perhaps this has been done but may not be clear to a casual user. The page
> http://struts.apache.org/downloads.html
> does only list two releases. However, below that is the wording:
>
> 'As a courtesy, we retain archival copies of the website for each "General
> Availability" release. Product support for older releases may be limited.'
>
> As a casual user I might believe an older release is more "stable" and still
> considered a GA release, when in fact there are deficiencies that should
> rule it out of consideration.
>
> It would see that possibly the sentence:
>
> Product support for older releases may be limited.
>
> Could be revised but several attempts to revise this to point out that older
> release may have vulnerabilities or bugs either sounded too severe or too
> mild.
>
> Thoughts?
Hmm... I don't understand what you mean :-(
Do you want to completely remove the older versions from the download page ?
Regards
--
Łukasz http://www.lenart.org.pl/
mobile +48 606 323 122, office +27 11 0838747
Warszawa JUG conference - Confitura http://confitura.pl/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org