Bug#401969: please build using hunspell
Steve Kemp
skx at debian.org
Sat Dec 9 17:14:56 CET 2006
On Fri, Dec 08, 2006 at 10:32:50PM +0100, Mike Hommey wrote:
> How does the security team feel about having to rebuild iceape,
> iceweasel, icedove (you forgot to file a bug on icedove), OOo and enchant
> if there happens to be a security bug in hunspell ?
In general having multiple packages needing a rebuild for a
single security fix is a problem, and not something we'd like
to have to deal with.
(For a specific example think of the pdf/gs updates we had to
make earlier in the year/last year. Lots of different programs
with very similar code which didn't always get spotted at the
same time.)
A more recent example would be the links + elinks updates. Links
was updated first then we updated elinks afterwards when we learnt
there was shared code .. (Obvious in retrospect, but if there are
a lot of packages which would require a rebuild keeping track of
all of them can be difficult; especially if we don't know about it
in advance.)
Steve
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20061209/1144b737/attachment.pgp
More information about the pkg-mozilla-maintainers
mailing list