Re: Mitigating the problem of limited security support

To: debian-devel@lists.debian.org
Subject: Re: Mitigating the problem of limited security support
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Sat, 27 May 2017 23:49:44 +0200
Message-id: <[🔎] slrnoijt3o.pqv.jmm@inutil.org>
References: <[🔎] 20170521134336.v62dww4cnmyflrbb@localhost> <[🔎] CAAajCMYN97WO5Fd=sp=8k2u-j9i+cPDeKZZTVUXkoa-oAqTHQA@mail.gmail.com>

Jeremy Bicha <jbicha@ubuntu.com> schrieb:
> understanding is that the Debian Security team has absolutely refused
> to extend the "browser exception" (to allow major new versions) to
> webkit2gtk,

The "browser exception" applies to Chromium and Firefox, which are
standalone packages (sans a few addons breaking), but unless webkit
provides a long term branch with API stability guarantees, that's
not a workable. "Rebase to a new 2.x branch every six months and let's
hope that it doesn't break any rdeps" is not a workable solution.

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Re: Mitigating the problem of limited security support
  - From: Jeremy Bicha <jbicha@ubuntu.com>
- Re: Mitigating the problem of limited security support
  - From: Alberto Garcia <berto@igalia.com>

References:
- Mitigating the problem of limited security support
  - From: Adrian Bunk <bunk@debian.org>
- Re: Mitigating the problem of limited security support
  - From: Jeremy Bicha <jbicha@ubuntu.com>

Prev by Date: Bug#863510: ITP: node-readable-stream -- A stream compatibility library for Node.js and browser
Next by Date: Re: Mitigating the problem of limited security support
Previous by thread: Re: Mitigating the problem of limited security support
Next by thread: Re: Mitigating the problem of limited security support
Index(es):
- Date
- Thread