[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: On Mozilla-* updates

Jeff wrote:
> So if the dependency information is correct (I have attached the
> dependencies that I examined), one application: enigmail, and six
> locales would break by using an update to fix the security issue.
We can arrange that enigmail and those locales won't break - it's quite simple.
 To workaround the strict versioned dependencies in some dependent packages we
must not use the upstream version as the debian package upstream version. But we
can just use a versioning scheme like, e.g. 1.0.2-sarge1.0.6 or something. This
definitly works for thunderbird ... as I have successfully tested this procedure
on my box.

This is for thunderbird ... for firefox, eric would need to comment. Since
firefox does not use dpatch or something to include distinct patches inside the
diff.gz, it might be probably a bit harder to not use the upstream orig.tar.gz,
but nevertheless, it would still be far from impossible.

Mozilla has its patches included in the diff.gz, so going the same way as
outlined above for thunderbird (in terms of howto version an updated package)
appears to be doable too.

 GPG messages preferred.   |  .''`.  ** Debian GNU/Linux **
 Alexander Sack            | : :' :      The  universal
 asac@jwsdot.com           | `. `'      Operating System
 http://www.asoftsite.org  |   `-    http://www.debian.org/

Reply to: