Hi, On Thursday, 2022-11-24 10:41:45 -0800, Gordon Messmer wrote:
> I would much prefer to see Thunderbird updated early in > Rawhide and releases that are not yet final, but to remain on the older > stable version for as long as possible on any Fedora release that had > included it. That'd be a problem though because ~every Thunderbird x.y.0 release includes security fixes, which are not backported to older then unmaintained ESR releases by Mozilla. Not upgrading/rebasing to the then current ESR release would leave users of older releases vulnerable, or shift the burden of backporting fixes to maintainers for a highly divergent source code base; with an additional cost that the exact changes to fix a CVE are not readily available and would have to be peeled out if discoverable at all. I consider this impractical. Eike -- GPG key 0x6A6CD5B765632D3A - 2265 D7F3 A7B0 95CC 3918 630B 6A6C D5B7 6563 2D3A
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
