Re: Bug#603702: unblock: iceowl/1.0~b1+dfsg1-2
On 2010-12-24, Guido Günther <agx@sigxcpu.org> wrote:
> Hi,
> On Thu, Dec 23, 2010 at 10:02:45PM +0000, Adam D. Barratt wrote:
>> On Tue, 2010-11-16 at 15:58 +0100, Guido Günther wrote:
>> > As discussed with Moritz from the security team there won't be any
>> > security support from upstream for any of the beta releases. So I added
>> > a note explaining that to README.Debian:
>> >
>> > * [a8de458] Switch to source format 3.0 (quilt)
>> > * [b92405c] Add watch file
>> > * [5a9ee07] Add security update notice to README.Debian
>> >
>> > If this isn't deemed enough we need to remove iceowl entirely from
>> > testing.
>>
>> Apologies for having failed to follow this up again earlier.
>>
>> Just to check that we're all on the same page, having read the addition
>> to README.Debian, does this mean that there won't be any updates at all
>> to the package via security.d.o during squeeze's lifetime?
>
> Yes. A way out of this would be to switch iceowl over to icedove's orig
> tarball which gets at least the xulrunner fixes (both are based on
> comm-central) which would only leave the calendaring part out in the
> cold. Since I didn't get around to do this for the past four weeks it's
> unlikely I'll manage till the release though.
I also don't think it's actually needed. Although iceowl includes a copy of
xulrunner, it has negligable security impact.
Cheers,
Moritz
Reply to: