On Fri, Apr 21, 2006 at 09:51:49AM -0700, Jean Tourrilhes wrote: > On Fri, Apr 21, 2006 at 12:25:35PM -0400, Justin Pryzby wrote: > > On Fri, Apr 21, 2006 at 09:15:59AM -0700, Jean Tourrilhes wrote: > > > On Thu, Apr 20, 2006 at 09:46:41PM -0400, Justin Pryzby wrote: > > > > > > > > Another alternative is to update firefox and its dependencies to > > > > testing, by using apt-pinning. See, for example: > > > > > > > > http://bugs.debian.org/261458 > > > > > > If this is the recommended solution, why the package doesn't > > > come as an alternative in stable ? I don't want to spend my time > > > tracking those kind of things, life is too short. > > Stable updates are minimal and must not change interfaces; new > > upstream releases don't count. > > Security fixes do count. Especially for a browser, that is > used to access a variety of unknown site outside the firewall. If > there is only a single package that needs security fixes, this is the > browser. Without a safe browser, stable is not really useful. > If whatever policy says that you can't provide security fixes > to the browser in stable, then the policy is broken. It is my understanding that security fixes are not yet available for this, but when they are, a minimally-patched upload will be made to stable.
> I just can't agree with people who are not worried to what's > happening after 1.0.8. Hopefully we release etch, and (eventually) drop support for sarge. Justin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
