CoffeeCakeJune 24, 2021 in Technical Problems
It's a bit concerning to see security issues not addressed for 4.5, and forcing an upgrade to 4.6. While we are in the process of testing, things aren't at a state yet here in the community where third-party developers have released compatible updates to their extensions.
Why isn't there a 4.5 patch? See:
Some guidance and communication on when a branch will become end of life would be appreciated.
"If" IPS is careful with their coding practices then there shouldn't be the need for security patches all that often. Providing security patches for prior versions for 3 to 4 months after a major release should encourage folks to continuously upgrade their sites while at the same time allowing those sites that want to hold off on upgrading a secure environment.
I always wonder if the security issues are particular to the updated version or extend to 4.5. While I'm waiting for a couple of key third-party apps to be updated to 4.6 compatibility it's worrying to have to make the choice between breaking the community by updating early to get a security patch, or waiting as planned until developers catch up and seeing that rather emphatic red banner every day.
Started 2 hours ago
Started July 25, 2010
Started 7 hours ago