[rt-users] Upgrading web/email server...should I upgrade RT itself too?
Alex Vandiver
alexmv at bestpractical.com
Fri May 8 11:22:13 EDT 2015
On Fri, 8 May 2015 14:11:08 +0000 "Beachey, Kendric"
<Kendric.Beachey at garmin.com> wrote:
> My question...is RT 4.0.17 itself old enough that I really ought to upgrade it as well?
Yes. 4.0.17 has published security vulnerabilities against it
(CVE-2015-1464, CVE-2015-1165, CVE-2014-9472):
http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html
> I'd like to minimize the amount of surprise for the users via new
> looks, so I'm wondering if there are any huge problems with staying
> at 4.0.17.
Upgrading within a stable series will never cause any major
user-visible UI changes, and should never break installed extensions.
Upgrades within a stable series (from 4.0.17 to 4.0.23, for instance)
are designed to be no-hassle bugfixes and security fixes.
If we feel a change has the potential to give an administrator reason to
_not_ upgrade within a stable series, it is unsuitable for that trunk.
Please upgrade.
All of this is hopefully also made clear on release policy page:
https://bestpractical.com/rt/release-policy.html
- Alex
More information about the rt-users
mailing list