Re: On Mozilla-* updates
* Steve Kemp (firstname.lastname@example.org) [050731 20:00]:
> On Sun, Jul 31, 2005 at 06:18:18PM +0100, antgel wrote:
> > Any chance of an elaboration? I wasn't privy to any previous discussion
> > on this and I'm interested. What's the problem with searching bugzilla
> > for security patches on given versions, and applying them? Is it the
> > sheer volume?
> Summery: Even when new fixed packages are available the original
> bugs reported in Mozilla's BugZilla system are non public, as are
> Mozilla *appears* to have no interest in supply patches which
> *only* fix security holes to distributors. Their line is more
> "upgrade to the newest version". Whilst the new versions do
> fix the holes, they traditionally also break things built against
> them, such as extensions, galeon, etc.
I thought some member of the Debian security team has access to the
hidden bug reports. Can't that member extract the relevant patches then?