Re: iceweasel based on firefox 6.0 for squeeze

[Brian <ad44@cityscape.co.uk>]

On Mon 26 Sep 2011 at 14:23:12 +0000, Camaleón wrote:

> On Mon, 26 Sep 2011 14:33:31 +0100, Brian wrote:
> 
> > It is clear we have diametrically opposite views, so best leave it
> > there.
> 
> How can be that? 
> 
> I mean, how can you consider ClamAV needs to be up-to-date (I mean the 
> program, not the firm files as firm files to detect malware are 
> automatically updated regardless the version of the program) and 
> Iceweasel not? You can't go so far with Iceweasel 2.x on these days...

I have no particular view on clamav's inclusion in squeeze-updates and
only mentioned it because it is given as an example of a package which
fits criterion 4.

If you want me say Iceweasel 6.0 has more features and is more
up-to-date than Iceweasel 3.0.6 on Lenny you can have it, but being
up-to-date doesn't count for stable-updates and Iceweasel 3.0.6 is no
less useful now in its own terms and in the context of keeping Lenny
stable than the day it was installed.

The Stable Release Manager has something to say on the policy for
stable-updates at

http://raphaelhertzog.com/2011/06/10/people-behind-debian-philipp-kern/

> > Three correct statements but an unjustified conclusion. My statement
> > that squeeze-updates does not deal with security was informed by
> > 
> >    This suite will contain updates that satisfy one of the following
> >    criteria:
> > 
> >        * The update is urgent and not of a security nature.
> >          Security updates will continue to be pushed through the
> >          security archive.
> 
> Fine, but the above is not true¹ for ClamAV (while it can be for other 
> packages that are available in that repo) so we have here a 
> singularity :-)

That's more matter for the SRM to comment on. Even he has been known to
wonder why a security update for clamav has not been pushed through.