LTS support timelines

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
lv
Reply | Threaded
Open this post in threaded view
|

LTS support timelines

lv
Hi All,

I'm one of the people maintaining the public Jenkins installation of the Apache Impala (Incubating) project, and since it is facing the public internet we're particularly interested in keeping our installation secure. We are currently running LTS 2.46.3 and I'm trying to figure out whether such old LTS releases are still supported, and for how long.

I looked at the page describing the LTS Release Line and from there it is not clear to me whether only the latest release line (currently 2.73.X) will receive security fixes, or whether older lines receive those, too. If they do, what is the latest LTS line that will receive security update and/or that is considered when looking at the impact of newly found security issues?

Thanks for the help. Lars

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/aa487ae7-9d74-4f58-84c0-bd544227d678%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: LTS support timelines

R. Tyler Croy
(replies inline)

On Wed, 04 Oct 2017, lv via Jenkins Users wrote:

> Hi All,
>
> I'm one of the people maintaining the public Jenkins installation of the
> Apache Impala (Incubating) project, and since it is facing the public
> internet we're particularly interested in keeping our installation secure.
> We are currently running LTS 2.46.3 and I'm trying to figure out whether
> such old LTS releases are still supported, and for how long.
>
> I looked at the page describing the LTS Release Line and from there it is
> not clear to me whether only the latest release line (currently 2.73.X)
> will receive security fixes, or whether older lines receive those, too. If
> they do, what is the latest LTS line that will receive security update
> and/or that is considered when looking at the impact of newly found
> security issues?

Older LTS releases are in no way supported by the Jenkins project and do not
receive backports of any kind.

I strongly recommend to always follow the latest LTS versions. ci.jenkins.io
(which I maintain) runs 2.73.1 for example, and when we roll new releases, I
make sure to upgrade :)



- R. Tyler Croy

------------------------------------------------------
     Code: <https://github.com/rtyler>
  Chatter: <https://twitter.com/agentdero>
     xmpp: [hidden email]

  % gpg --keyserver keys.gnupg.net --recv-key 1426C7DC3F51E16F
------------------------------------------------------

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/20171004183122.dz54bodh3dqvsdqp%40blackberry.coupleofllamas.com.
For more options, visit https://groups.google.com/d/optout.

signature.asc (201 bytes) Download Attachment
lv
Reply | Threaded
Open this post in threaded view
|

Re: LTS support timelines

lv
Thank you for the quick reply!

On Wednesday, October 4, 2017 at 2:31:40 PM UTC-4, R Tyler Croy wrote:
(replies inline)

On Wed, 04 Oct 2017, lv via Jenkins Users wrote:

> Hi All,
>
> I'm one of the people maintaining the public Jenkins installation of the
> Apache Impala (Incubating) project, and since it is facing the public
> internet we're particularly interested in keeping our installation secure.
> We are currently running LTS 2.46.3 and I'm trying to figure out whether
> such old LTS releases are still supported, and for how long.
>
> I looked at the page describing the LTS Release Line and from there it is
> not clear to me whether only the latest release line (currently 2.73.X)
> will receive security fixes, or whether older lines receive those, too. If
> they do, what is the latest LTS line that will receive security update
> and/or that is considered when looking at the impact of newly found
> security issues?


Older LTS releases are in no way supported by the Jenkins project and do not
receive backports of any kind.

I strongly recommend to always follow the latest LTS versions. <a href="http://ci.jenkins.io" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fci.jenkins.io\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFOz7dbDkaa430NrqJYgXhfPnQC2Q&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fci.jenkins.io\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFOz7dbDkaa430NrqJYgXhfPnQC2Q&#39;;return true;">ci.jenkins.io
(which I maintain) runs 2.73.1 for example, and when we roll new releases, I
make sure to upgrade :)



- R. Tyler Croy

------------------------------------------------------
     Code: <<a href="https://github.com/rtyler" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Frtyler\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFtsnCUZ085B8982iTQ2KFqz5gYhw&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Frtyler\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFtsnCUZ085B8982iTQ2KFqz5gYhw&#39;;return true;">https://github.com/rtyler>
  Chatter: <<a href="https://twitter.com/agentdero" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Ftwitter.com%2Fagentdero\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNEILlTAfpmlCsYIT_Phy_UKs4kUlw&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Ftwitter.com%2Fagentdero\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNEILlTAfpmlCsYIT_Phy_UKs4kUlw&#39;;return true;">https://twitter.com/agentdero>
     xmpp: <a href="javascript:" target="_blank" gdf-obfuscated-mailto="14C4__9wAAAJ" rel="nofollow" onmousedown="this.href=&#39;javascript:&#39;;return true;" onclick="this.href=&#39;javascript:&#39;;return true;">rty...@...

  % gpg --keyserver <a href="http://keys.gnupg.net" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fkeys.gnupg.net\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGGvem0n8cSWWfyOfhzR-uVSpk4NQ&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fkeys.gnupg.net\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGGvem0n8cSWWfyOfhzR-uVSpk4NQ&#39;;return true;">keys.gnupg.net --recv-key 1426C7DC3F51E16F
------------------------------------------------------

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/547e13fb-193f-4ea5-b048-ff5abc6693df%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.