[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firefox and Sarge

On Thu, Aug 26, 2004 at 12:55:35AM +0200, Josselin Mouette wrote:
> Le mercredi 25 août 2004 à 08:29 -0700, Matt Zimmerman a écrit :
> > On Wed, Aug 25, 2004 at 10:27:47AM +0200, Francesco P. Lovergine wrote:
> > 
> > > Yes, but I cannot see any recent (within the last year and half) installation
> > > of woody where users did not install a recent version of mozilla, instead
> > > of the pre-1.0. So in some cases, secteam efforts are at least a waste of time.
> > > In those cases that time would be better used in packaging a well-done major 
> > > upgrade. Users would be more satisfied, I think.
> > 
> > That well-done major upgrade is in progress, and its name is "sarge".  Fixes
> > for woody would be great, but despite a lot of discussion on the subject, no
> > one is putting real effort into it.  This is a big project, and the security
> > team is already overloaded.
> There are already many developers involved in backports, so I don't see
> how this could be a problem of manpower. The only missing thing is an
> infrastructure to make these backports somehow approved by the security
> team, and autobuilt.

There is already such an infrastructure: stable-proposed-updates. The only
missing thing is a proper policy (Big Hogs Upgrades) for such kind of
beasts and a few criteria in creating good packages for that (i.e. changes
minimization). The key point is building major upgrades using only stable
infrastructure, not backporting from unstable. I hope the difference is

Francesco P. Lovergine

Reply to: