On Fri, Apr 21, 2006 at 12:25:35PM -0400, Justin Pryzby wrote:
> On Fri, Apr 21, 2006 at 09:15:59AM -0700, Jean Tourrilhes wrote:
> > On Thu, Apr 20, 2006 at 09:46:41PM -0400, Justin Pryzby wrote:
> > >
> > > Another alternative is to update firefox and its dependencies to
> > > testing, by using apt-pinning. See, for example:
> > >
> > > http://bugs.debian.org/261458
> >
> > If this is the recommended solution, why the package doesn't
> > come as an alternative in stable ? I don't want to spend my time
> > tracking those kind of things, life is too short.
> Stable updates are minimal and must not change interfaces; new
> upstream releases don't count.
Security fixes do count. Especially for a browser, that is
used to access a variety of unknown site outside the firewall. If
there is only a single package that needs security fixes, this is the
browser. Without a safe browser, stable is not really useful.
If whatever policy says that you can't provide security fixes
to the browser in stable, then the policy is broken.
That's my point.
Don't get me wrong. I'm grateful to all the work the
maintainers are doing to get us 1.0.8 in a stable form, and I this
positive work is really apreciated. I fully realise the amount of work
it is. And I don't think they are the problem here.
I just can't agree with people who are not worried to what's
happening after 1.0.8.
Thanks...
Jean
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
