forwarded 561749 https://bugzilla.mozilla.org/show_bug.cgi?id=394502 tag 561749 + upstream thanks
On Sat, Dec 19, 2009 at 05:36:49PM -0500, Michael Gilbert wrote: > package: iceape > version: 2.0.1-1 > severity: important > tags: security > > Hi, > > Your package embeds source code from xulrunner, which makes > security updates very cumbersome, difficult, and potentially > error-prone. Please update your package to make use of the > shared library. Thank you for your attention on this matter. This is known, and not possible (yet). Likewise for icedove. The main difference with the situation in lenny is that the mozilla/ directory in iceape and upcoming icedove 3 sources are the same as the xulrunner-1.9.1 source, which will make updates easier. This is the main reason why I'm seriously considering shipping iceweasel 3.5.x with squeeze instead of 3.6.x. Mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
