Provide security patches to all versions up to the Extended Support phase

Idea created by masaaki_abeesrij-esridist Employee on Aug 26, 2014

         Software patches and hot fixes 
              - Provided to customers to resolve significant issues discovered in a product release.

         upto the Extended Support.


         And now check the PLC document, and I see 10.1, 10.2, 10.2.1, and 10.2.2 are currently in the Extended Support phase.


         Now, I saw the XSS and Open redirect vuluneravility patches and Esri does not provide the patch for 10.1 and 10.2.


         In the page, Esri states "This patch is specifically for the versions 10.1 SP 1, 10.2.1 or 10.2.2. Customers who are using 10.1 or 10.2 should first apply the appropriate service pack (10.1 SP1 or 10.2.2) first."

         I see the double-standard here.

         I believe that the security patches should be considered as "siginificant issues" and would like Esri to provide the patch for 10.1 and 10.2 because those versions are still in the extended phase.
         (I want Esri to provide users the SECURITY PATHES to the versions in the matured phase beause it's security vulunerability issues, not functional issues.)

         I understand that Esri has already released 10.2.1 and 10.2.2, 10.1 SP1 and it's safer and stable to use those versions or updates. But, it's too high of the cost to upgrade to the new versions/updates if the system is already in the running phase. 

         To sum it up, I want Esri to stick with their own product supporty policy and provide the patches(especially security patches) to all the versions in the current, general availability, and extended support phases.