Re: On Mozilla-* updates
Martin Schulze wrote:
> it seems that less than two months after the release of sarge it is
> not possible to support Mozilla, Thunderbird, Firefox (and probably
> Galeon) packages anymore. (in terms of fixing security related
> Unfortunately the Mozilla Foundation does not provide dedicated and
> clean patches for security updates but only releases new versions that
> fix tons of security related problems and other stuff that is or may
> be irrelevant for security updates. As a result, it is extremely
> difficult to get security patches extracted and backported. This is
> an utter disaster for security teams and distributions that try to
> support their releases.
Is it really so difficult to backport the security fixes? Does anybody
know the average number of security fixes between minor versions? (e.g.
1.0.4 to 1.0.5)?