Re: security related bug report - no maintainer reaction for 1 year
On Tue, Jul 27, 2004 at 07:12:12PM -0700, Brian Nelson wrote:
> It would be a Herculean task to go through each bug, verify it applies to
> Woody, backport the patch required to fix it (if it's even possible to
> backport every patch considering how active Mozilla development has been
> the past couple years), and come out with something usable. I'm certainly
> not about to try it, especially considering how much easier it would be to
> just use the latest Mozilla version instead.
It is easier to make declarations than to do the work required, no matter
what approach is taken. Security and stability, on the other hand, are not
easy, and together they are harder still.
Have you tried building Mozilla 1.7.1 on woody recently? I have.