On Tue, Sep 13, 2005 at 02:35:18PM +0100, Matthew Garrett wrote: > (From debian-security-announce) > Martin Schulze <joey@infodrom.org> wrote: > > Several problems have been discovered in Mozilla, the we browser of > > the Mozilla suite. Since the usual praxis of backporting apparently > > does not work for this package, this update is basically version > > 1.7.10 with the version number rolled back, and hence still named > > 1.7.8. The Common Vulnerabilities and Exposures project identifies > > the following problems: > Hmm. Is this really a good idea? I can see that the Mozilla developers > give us no real option other than to ship a newer version, but if that's > what we're doing then changing the version number back seems a bit odd. FWIW, I read this as "we applied all the same patches that were included in 1.7.10, but we left out the 800 pounds of autogenerated upstream diff resulting from use of $Id$ tags with embedded CVS branch names". -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. vorlon@debian.org http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature