On Tue, Sep 13, 2005 at 03:01:24PM +0100, Steve Kemp wrote: > On Tue, Sep 13, 2005 at 09:25:22AM -0400, Roberto C. Sanchez wrote: > > > I am concerned that a version of Mozilla claiming to be an earlier will > > eventually break user-installed extensions. > > .. > > > There really has to be a better way. > > The time to make suggestions was probably when Joey asked for > help handling Mozilla updates: > > http://lists.debian.org/debian-security/2005/07/msg00315.html > Agreed. However, since I had nothing constructive to offer in an already busy discussion, I just kept my mouth shut so as not to create additional noise.
> It is a hard problem, and the Mozilla folks don't appear to give > much assistance for security-only fixes... > I don't mean to imply it is an easy problem. However, I don't think that "cloak a new version as the old version" is the right solution. I seem recall at least a few people voiced that opinion in the discussion Joey started about this topic. Yet, it appears that their advice was not taken into consideration, or at least that someone else's advice to the contrary won out. Thankfully, I don't have the responsibility of making such a tough decision. My only motive in bringing this up was to point a potential PR problem (disaster even?) for Debian. Given how many people use mozilla-browser (it is #7 in the main/web category), I don't think this approach, especially given the potential for breakage, is a good thing. If there are others that share the same thoughts, it may be worthwhile to reopen the discussion. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~roberto
pgpURJgOHq6pR.pgp
Description: PGP signature
