ffox 1.5.0.2/1.0.8 CVE-Ids, MFSAs and Bugzilla bugs

Mike Hommey mh at glandium.org
Sat Apr 15 19:31:03 UTC 2006


On Sat, Apr 15, 2006 at 01:12:47PM +0200, Alexander Sack <asac at debian.org> wrote:
> ... removed security team from cc.

Note they didn't get any of my mail because of fscking RBL.

> On Sat, Apr 15, 2006 at 12:51:05PM +0200, Mike Hommey wrote:
> > 
> > Grrrr I hate the way mozilla deals with security... there's no way to
> > get to the bugs in spite of the fixes being released...
> > You are not authorized to access bug #......
> 
> yes ... its demotivating.
> 
> > 
> > Alex, since I'm afraid xulrunner 1.8.0.2 will not be released as soon as
> > I'd like it to be, could it be possible to get the individual patches so
> > that I can apply those concerning xulrunner for 1.8.0.1-9 ?
> > 
> 
> Hmmm ... Unfortunately I am not preparing patches for the 1.8.x/1.5.0.x tree. 
> 
> Maybe they tagged the tree and you can pull your own (pre-)tarball?

Nope, only firefox and thunderbird are tagged. Seeing how things were
for xulrunner 1.8.0.1 (i.e. not exactly synced with firefox and
thunderbird 1.5.0.1), all I could do would be get a somehow not complete
pre-tarball. I don't really like this solution. But I don't like leaving
security bugs either. *sigh*

Mike



More information about the pkg-mozilla-maintainers mailing list