Re: [SECURITY] [DSA 3148-1] chromium-browser end of life

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
From: Paul van der Vlis <paul@vandervlis.nl>
Date: Thu, 05 Feb 2015 00:49:01 +0100
Message-id: <[🔎] 54D2AFED.8090306@vandervlis.nl>
In-reply-to: <[🔎] 20150204224827.GA25146@glandium.org>
References: <E1YHgIA-0002RO-By@alpha.psidef.org> <[🔎] 54CE7AF9.10801@gmail.com> <[🔎] CAKTje6FpyxVTvwUqMCwCprmnsjQJ2izWMpLzJLqZcma85OmuLg@mail.gmail.com> <[🔎] 201502020252.36485.russell@coker.com.au> <[🔎] CANTw=MMoaV7za34PCz35cj5nv9NJuo=sW7K=L-DozgB7b0Jtow@mail.gmail.com> <[🔎] mao9l9$cur$1@ger.gmane.org> <[🔎] CANTw=MOoHRGCkgbNpmGt3cpyv+Rhz+4xbieTRTzGTifwN2LvtA@mail.gmail.com> <[🔎] matvvp$kau$1@ger.gmane.org> <[🔎] 20150204224827.GA25146@glandium.org>

Hi Mike,

Thanks for your good work for Debian!

Op 04-02-15 om 23:48 schreef Mike Hommey:
>> In the past, Iceweasel and Icedove never had a year security support
>> after a new release.
> 
> I'm curious to know where that's coming from. Iceweasel and Icedove have
> always received security support, even if that means upgrading to a new
> version.

Lenny, 14 februari 2009
Iceweasel support for oldstable stopped at 24 Mar 2009:
https://www.debian.org/security/2009/dsa-1753
Icedove support for oldstable stopped at 12 Jul 2009:
https://www.debian.org/security/2009/dsa-1830

Squeeze, 6 Februar 2011
Icedove security support for oldstable stopped at 09 Mar 2011:
https://www.debian.org/security/2011/dsa-2187
Iceweasel had support all the time.

Wheezy, 4 May 2013
The security support of Iceweasel for oldstable stopped at 26 Jun 2013:
https://www.debian.org/security/2013/dsa-2788
Limited security updates for Icedove for oldstable on 29 Aug 2013:
https://www.debian.org/security/2013/dsa-2746
No updates for oldstable anymore on 22 Apr 2014:
https://www.debian.org/security/2014/dsa-2911

So after a few months, oldstable is not secure anymore when you use
Iceweasel and Icedove. So far I know it was also not possible to have a
year oldstable using backports. This is always a problem for me, because
I have customers with complex desktop systems.

With regards,
Paul van der Vlis.


-- 
Paul van der Vlis Linux systeembeheer, Groningen
http://www.vandervlis.nl

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Holger Levsen <holger@layer-acht.org>

References:
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: "Pavlos K. Ponos" <pavlos.ponos@gmail.com>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Paul Wise <pabs@debian.org>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Russell Coker <russell@coker.com.au>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Michael Gilbert <mgilbert@debian.org>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Paul van der Vlis <paul@vandervlis.nl>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Michael Gilbert <mgilbert@debian.org>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Paul van der Vlis <paul@vandervlis.nl>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Mike Hommey <mh@glandium.org>

Prev by Date: Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
Next by Date: Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
Previous by thread: Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
Next by thread: Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
Index(es):
- Date
- Thread