[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: On Mozilla-* updates

Most other OS vendors are willing to make updates for errata beyond
simple security updates.  Often this means minor updates to software
packages like web browsers.  I believe the community will be better able
to help us prepare e.g. bug-free firefox 1.0.5 packages than it will to
produce 1.0.4+security packages.  I believe these updated packages
should be tested as thoroughly as possible and released via
security.debian.org and included in the next sarge revision.  As an
administrator of several hundred Debian workstations, all of which
include mozilla, firefox, and thunderbird, I can say that I'd rather see
1.0.5 than see nothing at all, or (IMO just as bad) unofficial packages
distributed outside the official Debian update channels.

Whatever solution we choose, I believe it is very important for us to do
it within Debian and not rely on backports or some other unofficial
channels.  As Debian developers, it is our duty to solve this problem,
and simply kicking the packages out of Debian or ignoring them from the
point of view of updates and security is really no solution at all.


Attachment: signature.asc
Description: Digital signature

Reply to: