On 15 September 2017 at 05:46, Mark Hammond <mhamm...@mozilla.com> wrote:
> Another way to look at this is: at some point, Mozilla makes a decision > that even the most serious security vulnerability which can cause > significant harm to users will not be fixed in some older versions. I > find it difficult to justify that the FxA team should be held to a > higher standard - and in some cases, it's even possible that having FxA > work on such older, vulnerable Firefoxes could potentially cause *more* > harm to the user. > I strongly support this as a lower-bound on our ambitions here. Mark, is there a concrete policy based around ESR etc for these decisions? Ryan
_______________________________________________ Dev-fxacct mailing list Dev-fxacct@mozilla.org https://mail.mozilla.org/listinfo/dev-fxacct