[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Question whether to drop support for Apache 2.0 < 2.0.44

Hi all;

I am wondering what people think of dropping support for Apache from
versions 2.0.0 through 2.0.43 as of LedgerSMB 1.3.  These versions
have a bug in them which we currently work around involving escaping
urls.  The bug was corrected in 2.1, 2.2, and 2.0.44.

My own preference is to assume that bugs fixed in a stable branch of
software should be deemed fixed in our code as well.   This helps
encourage people to be up to date (within the stable branch) and
therefore helps encourage better security.

But if these updates are not readily available to users, I think we
should still support the older version.  Any feedback?

Best Wishes,
Chris Travers