thanks for this thinking and testing and analysis, anarcat! On Tue 2018-10-30 11:46:35 -0400, Antoine Beaupré wrote: > The result will be that users will run an outdated version (if they > don't notice the package's removed or the announcement) the version of enigmail in debian jessie i believe simply will not run with the updated thunderbird. i haven't tested it. > or will run an up to date but possibly insecure version (if they > install the Addons version from Mozilla which downloads an arbitrary > binary from the network, see #891882). downloads *and runs* an arbitrary binary from the network :( I'm sorry i don't have more cycles to spend on supporting jessie myself, but if there are things we should be doing in debian stable and/or unstable that would make the work on jessie easier, please let me know. all the best, --dkg
Attachment:
signature.asc
Description: PGP signature