• @[email protected]
    link
    fedilink
    39
    edit-2
    9 months ago

    Most softwares do not include detailed security fixes in the change log for people to check; and many of these security fixes are in dependencies, so it is unlikely to be documented by the software available to the end user.

    So most of the time, the safest “oldest safe” version is just the latest version.

    • @[email protected]
      link
      fedilink
      2
      edit-2
      9 months ago

      So only protects like Debian do security backports?

      Edit: why the downvote? Is this not something upstream developers do? Security fixes on older releases?

      • @Kelly
        link
        English
        29 months ago

        Backports for supported versions sure,.

        That’s why there is an incentive to limit support to latest and maybe one previous release, it saves on the backporting burden.