Re: Mozilla "PostScript/default" security problems
In-reply-to: <[🔎] 1089332159.6413.69.camel@duke.gregfolkert.net>
References: <[🔎] 1089332159.6413.69.camel@duke.gregfolkert.net>
Greg Folkert wrote:
> A non-working Epiphany browser or non-working Galeon Browser. All I
can
> say, if you don't know to fix it in Sid, you should be using Stable.
As several threads on debian-user and debian-gtk-gnome point out,
the only way to fix this in sid is by recompiling the package.
Hopefully Sarge will be released by Autumn. It does not look like
there will be a solution by then, at least for Epiphany (no Idea
about Galeon, don't use it). So this "don't use sid" is a non-argument.
Epiphany won't get a XPrint backend until Sarge is released unless
it somehow magically appears. As recompiling is not an option and
a browser without printing is considered broken, Ephy will be
possibly dropped from Sarge.
Also while I am not strictly against recompiling stuff, this does not
scale. What if OpenOffice compiles out stuff next, that can only
be fixed by rebuilding stuff? If I thought recompiling large packages
was so much fun, I would probably be using Gentoo.
Add to this the compatibility problems some people have with
the XPrint backend (inferior graphics output, complicated
resolution settings, cut-off page borders on some printers)
even if they do not use Epiphany or Galeon, but Mozilla or
Firefox.
*And*
Even if I can compile the PS backend in again, the original
*security bug*, if there is one will be reintroduced into
my binaries. This security bug has *never been exactly defined*,
*no* Advisories have been shown (see comments to #256072).
So even if I can print again, I do not know if I actually
want this, if I can be owned instantly by doing this
(same is true for woody boxes, where PS is still enabled).
/ralph
Reply to: