Greetings, Am Dienstag, 9. März 2004 17:20 schrieb Steve Kemp: > On Tue, Mar 09, 2004 at 05:15:42PM +0100, Jan L??hr wrote: > > over the last months, various security related bugs in mozilla appeared > > and were fixed in new versions of mozilla - but what about the debian > > package? Are there any efforts for making mozilla secure or to backport > > the mozilla patches to debian? > > > > Due to depency with galeon new mozilla versions cannot be intergrated > > easily, but right now, the debian mozilla contains some seriuos security > > related bugs. > > > > So is mozilla the forgotten package? Considering how popular mozilla is, > > making it secure would be worth the effort - imho. > > I think it's a case of time and energy. I started updating the > current woody packages to handle some of the reports, after mdz > pointed me to a list. > > However it was very timeconsuming and very shortly after I started I > stopped having to support graphical stable boxes; so it became a non > issue for me. > > There are patches around for some (most?) of the holes, it just takes > somebody with the patience to apply them and build fixed versions to > share - then I'm sure we'd see a new stable release.
So this is all in all a capacity problem? Doesn't have the debian security team enough ressource to port exisiting patches to debian packages? Why not enlarging the team? Keep smiling yanosz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]