Latest firefox vulnerability
Michael Stone
mstone at debian.org
Thu Jun 8 13:50:15 UTC 2006
On Wed, Jun 07, 2006 at 12:10:58AM +0200, Alexander Sack wrote:
>Uploading 1.5.x should be the last option to consider. IMO, its not an option
>at all for debian stable.
Why?
I've heard through various sources that people are targeting the
vulnerabities in the latest mozilla advisory. The bottom line is that we
need to get them patched. If patches can be backported, fine--but it
looks as though the mozilla foundation isn't interested in facilitating
that. If we can't get backports in a reasonable timeframe, I think we
have to consider backporting a supported version before we let the sarge
packages get into the state the woody packages reached.
Mike Stone
More information about the pkg-mozilla-maintainers
mailing list