Re: On Mozilla-* updates

To: debian-security@lists.debian.org
Subject: Re: On Mozilla-* updates
From: Alexander Sack <asac@debian.org>
Date: Wed, 03 Aug 2005 01:55:17 +0200
Message-id: <[🔎] 42F007E5.7040707@debian.org>
In-reply-to: <[🔎] 87iryo9bvn.fsf@becket.becket.net>
References: <42eb820e$0$29974$db0fefd9@news.zen.co.uk> <20050731165828.GV19080@mathom.us> <42ed07db$0$16001$da0feed9@news.zen.co.uk> <20050731174501.GA2758@steve.org.uk> <20050731180920.GA28521@mails.so.argh.org> <[🔎] 20050802122951.GA11375@informatik.uni-bremen.de> <[🔎] 20050802160902.GG2508@alcor.net> <[🔎] 42efc64b$0$7594$db0fefd9@news.zen.co.uk> <[🔎] 20050802194642.GL2508@alcor.net> <[🔎] 42efd1b1$0$18043$db0fefd9@news.zen.co.uk> <[🔎] 20050802203334.GS2508@alcor.net> <[🔎] 42EFF5EC.6090904@debian.org> <[🔎] 87iryo9bvn.fsf@becket.becket.net>

Thomas Bushnell BSG wrote:
> Alexander Sack <asac@debian.org> writes:
> 
> 
>>Matt Zimmerman wrote:
>>
>>>I'm guessing that you're not going to volunteer on the manpower side, and I
>>>don't think that it would be a good way to spend resources even if we had
>>>them.  You're welcome to attempt to convince the Mozilla project to change
>>>the way that they work for the benefit of distribution security teams.  
>>
>>How should mozilla change the way they work?
> 
> 
> It would be very nice if Mozilla would publish to distributions like
> ours a description of the security problem, and then a separate patch
> for that specific problem.
> 
> 
Yes, but let's not discuss what would be nice, but what would be sufficient in
order to allow fixes for ffox/tbird and friends to go in.

Would it be sufficient to have a distinct patchset for each mfsa prepared? Or do
we need more? Do we need more detailed or other descriptions of the problems
than published by mozilla [1]?


[1] - http://www.mozilla.org/projects/security/known-vulnerabilities.html

-- 
 GPG messages preferred.   |  .''`.  ** Debian GNU/Linux **
 Alexander Sack            | : :' :      The  universal
 asac@debian.org           | `. `'      Operating System
 http://www.asoftsite.org  |   `-    http://www.debian.org/

Reply to:

References:
- Re: On Mozilla-* updates
  - From: Moritz Muehlenhoff <jmm@inutil.org>
- Re: On Mozilla-* updates
  - From: Matt Zimmerman <mdz@debian.org>
- Re: On Mozilla-* updates
  - From: antgel <antony@antgel.co.uk>
- Re: On Mozilla-* updates
  - From: Matt Zimmerman <mdz@debian.org>
- Re: On Mozilla-* updates
  - From: antgel <antony@antgel.co.uk>
- Re: On Mozilla-* updates
  - From: Matt Zimmerman <mdz@debian.org>
- Re: On Mozilla-* updates
  - From: Alexander Sack <asac@debian.org>
- Re: On Mozilla-* updates
  - From: Thomas Bushnell BSG <tb@becket.net>

Prev by Date: Re: On Mozilla-* updates
Next by Date: Re: On Mozilla-* updates
Previous by thread: Re: On Mozilla-* updates
Next by thread: Re: On Mozilla-* updates
Index(es):
- Date
- Thread