SuSE announced today on their suse-security-announce mailing list, that with the release of SuSE Linux 8.1 i386 (ftp available version), SuSE Linux 7.0 will be discontinued. Vulnerabilities found after Monday, November 4 2002, will not be fixed for SuSE Linux 7.0 any more. SuSE Linux Enterprise Server products and the products based on it are not affected by SuSE’s announcement.
“SuSE puts much effort into adding security improvements (patches) to the software instead of publishing a new version; the same program with a fix for a specific problem promises to work just as reliable as the original version from the distribution, whereas new versions introduce new functionality which changes the behavior.” said Roman Drahtmuller, member of SuSE Security team. “In some cases however, especially if the security leak is based on problematic design decisions or when the fix(es) are fairly large, the only reasonable fix for a security problem is to update to a newer version of the software. These newer versions tend to become incompatible with our older distribution releases because of missing features in the operating system environment. This forces us to focus on the distributions of a newer release date.”