Daniel Sterling wrote: > Keeping Debian stable by not changing things is great. > > Except maybe its not so great when you're trying to maintain a complicated, > buggy, high profile program that handles sensitive user data and untrusted > input. > > Debian stable cannot stay stable without changing, sometimes drastically. > > Firefox in Debian stable cannot stay stable and secure by not changing. > ...
This issue has been done to death already. Please read the archives of this list, especially one of Matt Zimmerman's posts in the "On Mozilla-* updates" thread, which reads in part: >>The solution to this problem is simple. We change the meaning of stable >>> to "stable except for such cases as security demands upgrading versions >>> rather than backporting patches." >>>... > > Did you realize before this rant that this is already the policy, and has > been documented in the Security Team FAQ for several years now? -- Paul <http://paulgear.webhop.net> -- Did you know? Email addresses can be forged easily. This message is signed with GNU Privacy Guard <http://www.gnupg.org> and Enigmail <http://enigmail.mozdev.org> so you can be sure it comes from me.
signature.asc
Description: OpenPGP digital signature
