documentation of Vulnerability fixes for LTS versions

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Documentation - All
    • None
    • 3

      Problem Definition

      For almost every vulnerability Issue there is often the problem that it has been closed because it has been fixed, but the fix version is a release version beyond the LTS version. Because the Issue is closed no one knows if there will be a LTS fix coming or not. And if not, why? Or if, when it will be shipped.

      Could you make this more transparent? A lot of people are starting otherwise asking in the comment for a LTS fix, without any response. The handling for LTS fixes of vulnerabilities is very diffuse. Sometimes there is no statement for a LTS fix at all, so you hope when upgrading the minor version of a LTS will solve it, but you never know.
      This is not helpful to keep/build the trust in the application.

      Suggested Solution

      You could extend your workflow in order to illustrate there is still bugfixing going on for a LTS, by another status, for example...

      Workaround

      None

            Assignee:
            Daria Shatsylo (Inactive)
            Reporter:
            Michael Aglas
            Votes:
            61 Vote for this issue
            Watchers:
            45 Start watching this issue

              Created:
              Updated: