On Wed, Sep 22, 2010 at 5:04 PM, Bruno Wolff III <br...@wolff.to> wrote: > On Wed, Sep 22, 2010 at 17:01:02 +0200, > Tomas Mraz <tm...@redhat.com> wrote: >> I say that the example of Webkit should be removed because if it is not >> possible to backport the security patch and due to the version update >> Midori has to be updated to a new version regardless of the changes of >> user experience. The part of the example "judgement call based on how >> intrusive the changes are" does not make any sense. We just cannot keep >> the old insecure version regardless on how intrusive the changes are. > > Security isn't binary. It may be that a security update addresses an issue > that can not happen in normal cases. It might be reasonable to just document > the cases where there is a problem so as to warn people not to do that.
NO, security issues ought to be *fixed* not just documented. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
