Re: iceweasel based on firefox 6.0 for squeeze

[Camaleón <noelamac@gmail.com>]

On Mon, 26 Sep 2011 14:33:31 +0100, Brian wrote:

> On Mon 26 Sep 2011 at 11:35:51 +0000, Camaleón wrote:
> 
>> Hey, you can't auto-give you a point for something that I have not
>> discussed ;-)
> 
> You were being tardy in getting round to it so it needed something to
> prod you into action. :)

I didn't know "time" was a variable to care about in this game! :-)
 
>> Regards to the 4th point that says "a package needs to be current to be
>> useful" it fully fits with Iceweasel but I wouldn't say so for clamav.
> 
> It is clear we have diametrically opposite views, so best leave it
> there.

How can be that? 

I mean, how can you consider ClamAV needs to be up-to-date (I mean the 
program, not the firm files as firm files to detect malware are 
automatically updated regardless the version of the program) and 
Iceweasel not? You can't go so far with Iceweasel 2.x on these days...

>> Well, let me think...
>> 
>> clamav was in volatile repo
>> volatile repo provided their own security fixes 
>> volatile repo has been replaced by squeeze-updates
>> 
>> I love the logic behind the things :-)
> 
> Three correct statements but an unjustified conclusion. My statement
> that squeeze-updates does not deal with security was informed by
> 
>    This suite will contain updates that satisfy one of the following
>    criteria:
> 
>        * The update is urgent and not of a security nature.
>          Security updates will continue to be pushed through the
>          security archive.

Fine, but the above is not true¹ for ClamAV (while it can be for other 
packages that are available in that repo) so we have here a 
singularity :-)

¹ I'm a clamav user and follow both, "volatile" and "stable announcement" 
mailing lists and as you can see, clamav updates usually fix security 
flaws:

http://lists.debian.org/debian-stable-announce/2011/07/threads.html

Greetings,

-- 
Camaleón