Re: [SECURITY] [DSA 3148-1] chromium-browser end of life

To: debian-security <debian-security@lists.debian.org>
Subject: Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
From: Michael Gilbert <mgilbert@debian.org>
Date: Wed, 4 Feb 2015 20:23:21 -0500
Message-id: <[🔎] CANTw=MMaROWK=50Of2-GXr40H5+noKuCHTZGwUoVNSP4P9AUxw@mail.gmail.com>
In-reply-to: <[🔎] matvvp$kau$1@ger.gmane.org>
References: <E1YHgIA-0002RO-By@alpha.psidef.org> <[🔎] 54CE7AF9.10801@gmail.com> <[🔎] CAKTje6FpyxVTvwUqMCwCprmnsjQJ2izWMpLzJLqZcma85OmuLg@mail.gmail.com> <[🔎] 201502020252.36485.russell@coker.com.au> <[🔎] CANTw=MMoaV7za34PCz35cj5nv9NJuo=sW7K=L-DozgB7b0Jtow@mail.gmail.com> <[🔎] mao9l9$cur$1@ger.gmane.org> <[🔎] CANTw=MOoHRGCkgbNpmGt3cpyv+Rhz+4xbieTRTzGTifwN2LvtA@mail.gmail.com> <[🔎] matvvp$kau$1@ger.gmane.org>

On Wed, Feb 4, 2015 at 3:38 PM, Paul van der Vlis wrote:
>> The backports team expects backporters to have demonstrated competence
>> with the packages that they're planning to upload.  Anyone considering
>> this should first get involved with the package maintenance teams
>> first and help with a few unstable uploads.
>
> I understand. Good thing. But maybe the normal packagers could think
> about a backport.

For chromium, that's me, but it's not an interest of mine.  If it's
going to happen, it will require a motivated volunteer with the itch
to do the work.

> In the past, Iceweasel and Icedove never had a year security support
> after a new release. Maybe there where other reasons to stop the
> support, but I think this should be seen as a problem/bug.

It's a lot of work maintaining web browsers.  When the next stable
release comes out, that work doubles, so it is far more practical only
to support the newer one.

> In my opinion Iceweasel, Chromium, etc, don't belong in "main", they
> belong in "backports". Realize that backports is now enabled by default
> in Jessie.

That doesn't really change anything.  The same build environment
issues leading to the -security decision for chromium would lead to
the exact same conclusion in -backports.

Best wishes,
Mike

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Paul van der Vlis <paul@vandervlis.nl>

References:
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: "Pavlos K. Ponos" <pavlos.ponos@gmail.com>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Paul Wise <pabs@debian.org>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Russell Coker <russell@coker.com.au>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Michael Gilbert <mgilbert@debian.org>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Paul van der Vlis <paul@vandervlis.nl>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Michael Gilbert <mgilbert@debian.org>
- Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
  - From: Paul van der Vlis <paul@vandervlis.nl>

Prev by Date: Security EOL within Debian Stable
Next by Date: Re: Security EOL within Debian Stable
Previous by thread: Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
Next by thread: Re: [SECURITY] [DSA 3148-1] chromium-browser end of life
Index(es):
- Date
- Thread