On Thu, Mar 11, 2004 at 04:32:30PM +0100, Florian Weimer wrote: > There's no obvious solution. If Debian sticks to 1.0 on principle, > there's nothing we can do. It's unlikely we'll find a volunteer who > backports all those fixes to 1.0. I haven't found any commercial > distributor who still supports 1.0, either. > > If we integrate 1.4 (that is, 1.4.2) into stable, we can take security > fixes from upstream and/or other distributors. It might still be a lot > of work (I'm going to try it next weekend or so), but it looks like a > more manageable task.
This introduces a whole new set of problems, given Mozilla's upgrade history (not preserving user configuration data, breaking compatibility with dependent applications, etc.) -- - mdz
