Re: Mozilla products in Debian (was: A question for the list:)
On Fri, 05 Nov 2010 09:10:44 -0500, Boyd Stephen Smith Jr. wrote:
> On Friday 05 November 2010 08:13:41 Camaleón wrote:
>> > Thirdly, the policy of no new upstream versions after release isn't
>> > changed for volatile. (It is changed for volatile-sloppy.)
>> And that is what people wants to be improved :-)
> No. That's NOT what those who know and love Debian stable want. The
> lack of upstream changes is one of the main reasons I use stable on
What happens with Mozilla packages (more exactly with Firefox/Iceweasel)
is that upstream version correct security flaws, meaning that right now,
Debian's lenny stock version of Iceweasel is vulnerable to lots of holes
because Mozilla does not provide support nor pacthes for 3.0.x branch.
Leaving your users base with a vulnerable browser is not very sane.
I see only one reason to force the upgrade of a stock package with a
newer version and is precisely the lack of support (nor patches) from
Hopefully there is "backports" holding these packages, but for Mozilla
products (which are included in the regular repo) should not be needed -
to be backported- at all: lenny users should have received 3.5 release by
means of the security repo.