Re: Using the same nss upstream version in all suites?
On Fri, Jan 01, 2016 at 09:47:11PM +0100, Julien Cristau wrote:
> On Thu, Dec 31, 2015 at 13:13:19 +0100, Guido Günther wrote:
> > * We would have the same crypto policies for programs linked against
> > nss in all suites.
> From a stable user perspective, I'm not sure I see that as an advantage,
> if it means things end up breaking on point releases.
I forgot to add that nss is very conservative in changing these
policies. The packages using it like icewaeasel/icedove are far more
aggressive in changing defaults.
Currently we have these things somethimes entangled with security
updates which is not ideal either so I think having these at point
release time with some time to prepare for upgrades is actually an