On 05/28/2013 04:33 PM, Moritz Muehlenhoff wrote:
Hi,
we need to change the way security fixes are handled for Mozilla in
stable-security. The backporting of security fixes is no longer
sustainable resource-wise.
As such, we'll switch to releasing the ESR releases of iceweasel and
icedove in st
On Sun, Jun 02, 2013 at 05:04:54PM +0800, Thomas Goirand wrote:
> On 06/02/2013 01:35 AM, Florian Weimer wrote:
> > I'm not sure if moving packages between repositories makes that much
> > of a difference. Either they work acceptably well, or they don't,
> > independently of the delivery mechanism
Andrei POPESCU schrieb:
>
> --Yvzb+MHGXtbPBi5F
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
>
> On Ma, 28 mai 13, 22:33:03, Moritz Muehlenhoff wrote:
>>=20
>> As such, we'll switch to releasing the ESR releases of icewease
On Sun, Jun 02, 2013 at 12:10:56PM +0300, Andrei POPESCU wrote:
> On Ma, 28 mai 13, 22:33:03, Moritz Muehlenhoff wrote:
> >
> > As such, we'll switch to releasing the ESR releases of iceweasel
> > and icedove in stable-security.
>
> Would it be possible to switch to the Mozilla branding in this
Ansgar Burchardt schrieb:
> Hi,
>
> On 05/28/2013 22:33, Moritz Muehlenhoff wrote:
>> As such, we'll switch to releasing the ESR releases of iceweasel
>> and icedove in stable-security.
>> Reverse-deps of the older xulrunner libs have negligable security
>> impact and we won't update them any fur
On Ma, 28 mai 13, 22:33:03, Moritz Muehlenhoff wrote:
>
> As such, we'll switch to releasing the ESR releases of iceweasel
> and icedove in stable-security.
Would it be possible to switch to the Mozilla branding in this case?
Kind regards,
Andrei
--
http://wiki.debian.org/FAQsFromDebianUser
Of
On 06/02/2013 01:35 AM, Florian Weimer wrote:
> I'm not sure if moving packages between repositories makes that much
> of a difference. Either they work acceptably well, or they don't,
> independently of the delivery mechanism.
The main difference would be that we accept the fact that Mozilla
sof
Didier 'OdyX' Raboud schrieb:
>> FWIW, I don't. I think the compromise that the security team is proposing is
>> much more reasonable than such an alternative.
>
> That compromise (which I do definitely support for wheezy) puzzles me most
> for
> the precedent it creates: if we "give up" [0] mai
Christoph Anton Mitterer schrieb:
>
> --=-dGSWlplfgLb+HUgDia6J
> Content-Type: text/plain; charset="UTF-8"
> Content-Transfer-Encoding: quoted-printable
>
> Hi Moritz.
>
> Moritz Muehlenhoff wrote:
>> In the future the majority of packages should thus rather be installed
>> through http://addons.m
* Thomas Goirand:
> Maybe the best way forward is to have backports activated by default
> (there's already a patch available for that, not sure if it has been
> applied to d-i yet). Then when installing a desktop (since backports
> are now fully part of Debian), we could provide browsers from the
Am Donnerstag, den 30.05.2013, 22:29 +0100 schrieb Wookey:
> +++ Josh Triplett [2013-05-29 11:50 -0700]:
> > Moritz Muehlenhoff wrote:
> > > One problematic aspect are the various xul-ext-* packages currently
> > > packaged. It's very likely that some of them will break with ESR17
> > > and ESR24 i
On 2013-05-31 08:52:37 +, Raphael Geissert wrote:
> Russ Allbery debian.org> writes:
> [...]
> > This would *enable* users to install software from backports if it either
> > didn't exist in stable at all or if they explicitly requested it from
> > backports, but would not install such softwar
Quoting Russ Allbery (2013-05-30 19:56:23)
> Wouter Verhelst writes:
> > On 30-05-13 19:29, Thomas Goirand wrote:
>
> >> Maybe the best way forward is to have backports activated by
> >> default
>
> > No.
>
> > If we're going down that route, we might as well give up on doing a
> > stable rel
Russ Allbery debian.org> writes:
[...]
> This would *enable* users to install software from backports if it either
> didn't exist in stable at all or if they explicitly requested it from
> backports, but would not install such software by default.
Packages which, by the way, are not supported by
Russ Allbery (30/05/2013):
> Jonas Smedegaard writes:
> > Sorry, what bugreport?
>
> > I do not consider backports.debian.org of same quality as
> > debian.org so am concerned by what you outline above, and would
> > like to (at the least) read up on the relevant discussion
> > (i.e. avoid rehas
+++ Josh Triplett [2013-05-29 11:50 -0700]:
> Moritz Muehlenhoff wrote:
> > One problematic aspect are the various xul-ext-* packages currently
> > packaged. It's very likely that some of them will break with ESR17
> > and ESR24 in the future.
> >
> > However, there's not much we can do here. We ca
On 05/30/2013 08:06 PM, Scott Kitterman wrote:
> FWIW, Ubuntu has done this with their backports repositories for the last two
> years of releases
debian-live images have this by default since squeeze too.
--
Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email: daniel.
Jonas Smedegaard writes:
> Sorry, what bugreport?
> I do not consider backports.debian.org of same quality as debian.org so
> am concerned by what you outline above, and would like to (at the least)
> read up on the relevant discussion (i.e. avoid rehashing it here).
I'm afraid I've expired the
On Thu, May 30, 2013 at 08:29:16PM +0200, Didier 'OdyX' Raboud wrote:
> > FWIW, I don't. I think the compromise that the security team is proposing is
> > much more reasonable than such an alternative.
>
> That compromise (which I do definitely support for wheezy) puzzles me
> most for the precede
On Thu, May 30, 2013 at 10:56:23AM -0700, Russ Allbery wrote:
> The actual proposal in the bug report is to add backports.debian.org
> to the default sources.list file in the installer, but not otherwise
> change anything about the backports configuration. Specifically, the
> archive would remain
Quoting Russ Allbery (2013-05-30 19:56:23)
> Wouter Verhelst writes:
> > On 30-05-13 19:29, Thomas Goirand wrote:
>
> >> Maybe the best way forward is to have backports activated by
> >> default
>
> > No.
>
> > If we're going down that route, we might as well give up on doing a
> > stable rel
Le jeudi, 30 mai 2013 15.29:22, Stefano Zacchiroli a écrit :
> On Thu, May 30, 2013 at 03:20:29PM +0200, Didier 'OdyX' Raboud wrote:
> > > Which web browsers would remain in stable if we applied this criterion
> > > consistently?
> >
> > Although that makes me very sad, if we (collectively) give u
On Thursday, May 30, 2013 10:56:23 AM Russ Allbery wrote:
> Wouter Verhelst writes:
> > On 30-05-13 19:29, Thomas Goirand wrote:
> >> Maybe the best way forward is to have backports activated by default
> >
> > No.
> >
> > If we're going down that route, we might as well give up on doing a
> > s
Wouter Verhelst writes:
> On 30-05-13 19:29, Thomas Goirand wrote:
>> Maybe the best way forward is to have backports activated by default
> No.
> If we're going down that route, we might as well give up on doing a
> stable release.
Two issues keep getting confused when people talk about this,
On 30-05-13 19:29, Thomas Goirand wrote:
> Maybe the best way forward is to have backports activated by default
No.
If we're going down that route, we might as well give up on doing a
stable release.
--
This end should point toward the ground if you want to go to space.
If it starts pointing t
On 05/30/2013 09:29 PM, Stefano Zacchiroli wrote:
> On Thu, May 30, 2013 at 03:20:29PM +0200, Didier 'OdyX' Raboud wrote:
>>> Which web browsers would remain in stable if we applied this criterion
>>> consistently?
>>
>> Although that makes me very sad, if we (collectively) give up packaging
>> br
Hi Moritz.
Moritz Muehlenhoff wrote:
> In the future the majority of packages should thus rather be installed
> through http://addons.mozilla.org instead of Debian packages.
Form a security POV, I think this is really quite dangerous... actually
tendency should go towards the direction that users
On 2013-05-29 20:50, Josh Triplett wrote:
As a user of sid who also maintains various systems running stable, I
rely on packages like xul-ext-adblock-plus to make it easier to install
specific addons systemwide. I find it much easier to install those via
the Debian packaging system rather than a
On Thu, May 30, 2013 at 8:53 PM, Florian Weimer wrote:
> Which web browsers would remain in stable if we applied this criterion
> consistently?
The best browser ever; lynx.
--
bye,
pabs
http://wiki.debian.org/PaulWise
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a
On Thu, May 30, 2013 at 03:20:29PM +0200, Didier 'OdyX' Raboud wrote:
> > Which web browsers would remain in stable if we applied this criterion
> > consistently?
>
> Although that makes me very sad, if we (collectively) give up packaging
> browser extensions (hence letting our users rely on thir
Le jeudi, 30 mai 2013 14.53:44, Florian Weimer a écrit :
> * Didier Raboud:
> > If we can't handle the backporting of serious security issues on top
> > of our stable version (in order to maximise the avoidance of
> > regressions), then maybe said software shouldn't be shipped in
> > stable in the
* Didier Raboud:
> If we can't handle the backporting of serious security issues on top
> of our stable version (in order to maximise the avoidance of
> regressions), then maybe said software shouldn't be shipped in
> stable in the first place. Thoughts ?
Which web browsers would remain in stable
Le jeudi, 30 mai 2013 00.10:11, Philip Hands a écrit :
> Moritz Mühlenhoff writes:
> > Willi Mann schrieb:
> >> Moritz Muehlenhoff wrote:
> >>> As such, we'll switch to releasing the ESR releases of iceweasel
> >>> and icedove in stable-security.
> >>
> >> wouldn't it be better to do the bumps o
Hi,
Josh Triplett wrote (29 May 2013 18:50:23 GMT) :
> As a user of sid who also maintains various systems running stable, I
> rely on packages like xul-ext-adblock-plus to make it easier to install
> specific addons systemwide.
FTR, packaged XUL extensions make it easier to build Debian Live
sys
Moritz Mühlenhoff writes:
> Willi Mann schrieb:
>> Hello Moritz,
>>
>> Moritz Muehlenhoff wrote:
>>> As such, we'll switch to releasing the ESR releases of iceweasel
>>> and icedove in stable-security.
>>
>> wouldn't it be better to do the bumps of major ESR versions in point
>> releases? That
Willi Mann schrieb:
> Hello Moritz,
>
> Moritz Muehlenhoff wrote:
>> As such, we'll switch to releasing the ESR releases of iceweasel
>> and icedove in stable-security.
>
> wouldn't it be better to do the bumps of major ESR versions in point
> releases? That might also allow a few more extensions
Arno Töll schrieb:
> This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
> --enigD8B4E48BF27B74A11F1ECB8F
> Content-Type: text/plain; charset=ISO-8859-1
> Content-Transfer-Encoding: quoted-printable
>
> On 29.05.2013 15:15, Ansgar Burchardt wrote:
>> I would expect some more pac
Moritz Muehlenhoff wrote:
> As such, we'll switch to releasing the ESR releases of iceweasel
> and icedove in stable-security.
Very welcome news.
> One problematic aspect are the various xul-ext-* packages currently
> packaged. It's very likely that some of them will break with ESR17
> and ESR24
Hello Moritz,
Moritz Muehlenhoff wrote:
> As such, we'll switch to releasing the ESR releases of iceweasel
> and icedove in stable-security.
wouldn't it be better to do the bumps of major ESR versions in point
releases? That might also allow a few more extensions to be updated.
> However, there
On 29.05.2013 15:15, Ansgar Burchardt wrote:
> I would expect some more packages giving us similar problems in the
> future: other web browsers (chromium) or web applications (owncloud?)
> where we might have to provide new upstream versions that require
> updating related packages (or breaking the
Hi,
On 05/28/2013 22:33, Moritz Muehlenhoff wrote:
> As such, we'll switch to releasing the ESR releases of iceweasel
> and icedove in stable-security.
> Reverse-deps of the older xulrunner libs have negligable security
> impact and we won't update them any further.
>
> One problematic aspect ar
On Tue, May 28, 2013 at 10:33:03PM +0200, Moritz Muehlenhoff wrote:
> Hi,
> we need to change the way security fixes are handled for Mozilla
> in stable-security. The backporting of security fixes is no
> longer sustainable resource-wise.
>
> As such, we'll switch to releasing the ESR releases of
On 29/05/13 00:17, John Paul Adrian Glaubitz wrote:
> Also, if anyone of the GNOME package maintainers is reading this,
> why does the gnome meta package depend on xul-ext-adblock-plus?
"For feature parity with the previous meta-gnome3 web browser", it appears:
meta-gnome3 (1:3.4+3) unstable; urg
On Wed, May 29, 2013 at 4:33 AM, Moritz Muehlenhoff wrote:
> we need to change the way security fixes are handled for Mozilla
> in stable-security. The backporting of security fixes is no
> longer sustainable resource-wise.
Please propose an announcement about this to the Debian press team and
ad
Hi Moritz!
On 05/28/2013 10:33 PM, Moritz Muehlenhoff wrote:
we need to change the way security fixes are handled for Mozilla
in stable-security. The backporting of security fixes is no
longer sustainable resource-wise.
I second this. Having one of the most commonly used desktop applications
l
45 matches
Mail list logo
