Latest firefox vulnerability
Mike Hommey
mh at glandium.org
Sun Jun 11 20:50:41 UTC 2006
On Sun, Jun 11, 2006 at 10:32:07PM +0200, Moritz Muehlenhoff <jmm at inutil.org> wrote:
> Mike Hommey wrote:
> > On Fri, Jun 09, 2006 at 06:57:17AM -0400, Michael Stone <mstone at debian.org> wrote:
> > > On Thu, Jun 08, 2006 at 04:00:57PM +0200, Moritz Muehlenhoff wrote:
> > > >I agree it's not an option for Sarge, can we could very well do it
> > > >for Etch.
> > >
> > > I'd love to do it for etch. IIRC, I wanted to do it before the sarge
> > > release. :) The trick is making people understand just how impossible it
> > > is to support what the mozilla people are doing for an entire relase
> > > cycle--at this point they just hear "drop firefox" and freak out.
> >
> > It would not only be "drop firefox", it would be drop: firefox,
> > thunderbird, mozilla, seamonkey, sunbird, yelp, devhelp, epiphany,
> > kazehakase, galeon, xulrunner, liferea...
>
> This illustrates the infeasibility of stable security support for Mozilla
> rather well: When backporting new incompatible upstream versions we would
> need to upgrade all these packages en bloc.
Actually, it's less and less true.
Mike
More information about the pkg-mozilla-maintainers
mailing list