On Sun, Nov 13, 2005 at 02:36:05AM -0700, Scott wrote: > Marc Wilson wrote: > >.... if normal Debian practices are being followed, security fixes > >are backported to stable, rather than new and untested versions being > >packaged for stable. > > Now that you mention it, Ubuntu used to do this the same way till they > came to their senses (and after a bajillion user complaints).
You are wrong there. Ubuntu sticks to their guns with versioning for released distros as far as I am aware. Both debian and ubuntu have been forced to ship newer firefoxes as security releases, because upstream's culture is to bundle their security updates with new features in a single release. It has proven too difficult for the existing security teams to determine precicely which changes in a very large changeset are related to the vulnerability, so their hand was forced. -- Jon Dowland http://jon.dowland.name/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]