WebKitGTK+ security and Debian
Alberto Garcia
berto at igalia.com
Tue Feb 23 10:28:43 UTC 2016
On Mon, Feb 22, 2016 at 07:29:27PM +0100, Emilio Pozuelo Monfort wrote:
> I agree. It'd be good to at the very least, update to point releases
> in stable, as you did with 2.4.9. Upgrading to a major version,
> e.g. doing webkit2gtk 2.6.x -> 2.10.x would be more problematic as
> there is potential to break the rdeps. I don't think the SRMs would
> approve that.
The idea is that the API is stable in order to keep the rdeps fine,
but it's of course more risky than cherry picking one or two patches.
> We could provide new major versions in -backports though, at least
> to see if we get any feedback.
I wonder btw if the switch to -dbgsym would get in the way:
https://anonscm.debian.org/cgit/pkg-webkit/webkit.git/commit/?h=wk2/unstable&id=39d223f2934b3bab6c5e2501234ea34afb33ca0a
What would we do in the backports? Disable the debug packages
entirely?
Berto
More information about the Pkg-webkit-maintainers
mailing list