Re: mozilla - the forgotten package?
On Wed, Mar 10, 2004 at 05:06:12PM +0100, Florian Weimer wrote:
> Jan L?hr wrote:
> > So is mozilla the forgotten package? Considering how popular mozilla is,
> > making it secure would be worth the effort - imho.
> How many of Mozilla's security bugs which are fix during routine
> upgrades are discussed publicly? Can they be backported easily?
A number of the bug reports and patches (in Bugzilla) are still not publicly
accessible, even though the bugs have been known and released for quite some
time. Some are straightforward to backport; others involve a lengthy search
just to determine if the same problem exists in an older version.