Re: Security update of firefox-esr for Wheezy
On 04/08/16 23:02, Mike Hommey wrote:
> On Thu, Aug 04, 2016 at 07:50:28PM +0200, Guido Günther wrote:
>> On Thu, Aug 04, 2016 at 06:32:14PM +0900, Mike Hommey wrote:
>>> On Thu, Aug 04, 2016 at 11:04:47AM +0200, Markus Koschany wrote:
>>>> Hello Mike,
>>>> Thank you for preparing the security update of firefox-esr. I have just
>>>> sent a security announcement for your update in Wheezy to the
>>>> debian-lts-announce mailing list. If you want to take care of this next
>>>> time, please follow our guidelines which we have outlined at . If
>>>> this is a burden for you, no problem, we will do our best and take care
>>>> of the rest. In this case we would like to ask you to send a short
>>>> reminder to debian-lts, so that we can prepare the announcement in a
>>>> timely manner.
>>> Heh, I hadn't realized that wasn't handled by standard DSAs, sorry about
>>> that. That these updates go through the same security-master doesn't
>>> help making it obvious they are different.
>>> Anyways, I'd rather not have more work to do, so if can send
>>> announcements, that works for me. Or you can deal with the backport
>>> from back to back.
>>> Please note that the next ESR bump (52) will require GCC 4.8, which is
>>> not in wheezy, so I won't be building ESR45 for wheezy past 45.8,
>>> presumably some time in April next year.
>> The same is true for icedove. Since this is way before the end of Wheezy
>> LTS (31st May 2018) I wonder if we should EOL Firefox/Icedove then or
>> try to support this for longer?
>> I have no idea what features of gcc-4.8 would be required, Mike do you
> Some C++11 features it supports that GCC 4.7 doesn't.
We may want / need to backport GCC 4.8 to Wheezy then. Chromium is already
unsupported, so it's either that, or leave Wheezy with no supported browsers. We
probably want the former.