On Tue, Aug 02, 2005 at 08:16:01PM -0500, Jacob S wrote: > On Tue, 2 Aug 2005 17:45:06 -0700 (PDT) > ke6isf <ke6isf@chez-vrolet.net> wrote: > > > On Tue, 2 Aug 2005, Ralph Katz wrote: > > > > > Yet I'm wondering how other sarge users are going to address the > > > security concerns? Backport, install from Mozilla tarball, upgrade > > > to unstable, change to kmail/konqueror? > > > > It would seem that the easiest way to deal with this is to go off tree > > and use the tarball. > > Any chance we could get Mozilla into volatile? That would seem to solve > the problem, IMHO. > The issue is being discussed on d-d. The only problem with that is that mozilla and friends would "officially" be removed from Sarge and then only be in volatile. Tat would make them technically not part of Debian proper. There is also a proposal to allow the new upstream version into stable if that is the onky way to get the security fixes in. I am inclined to think that taking that approach is the better alternative since there are already Sarge users out there that have the packages installed and I don't think it would be a good thing to remove them from main and leave people hanging. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~roberto
Attachment:
pgpQBCdUpXez3.pgp
Description: PGP signature