[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Thu, Mar 20, 2008 at 01:29:51PM +0000, Tom Potts wrote: > If they were truly interested in security then NO non deb packages would be > allowed. And while I havent actually used iceweasel it must be really > irritating to have a browser that disables itself everytime a vulnerability > is found. Rubbish. Debian can't be responsible for every program run by every user. They can, however, be responsible for packages they distribute. They had a choice: distribute insecure software with the stable release, or continue patching security holes as they do with thousands of other packages. The first would mean that they could still use the Firefox name and logo, the second would mean they can't. I'm sorry, but in no way is the Firefox name and logo a worthwhile reason to distribute software with known security flaws, with available patches. My understanding is that generally the patches were security fixes taken from newer releases and applied to the older ones, in keeping with Debian's policy of fixing only security holes in a stable release, not adding new functionality. > While a security problem in a web browser on M$ can be a showstopper, on a > linux box they should not be anything other than an annoyance or do you > regularly 'sudo iceweasel'? Rubbish. Just because GNU/Linux is generally more secure than Windows is no reason to go asking for trouble. If there are security holes, they should be fixed. Anything less is irresponsible. -- Benjamin M. A'Lee || mail: bma@xxxxxxxxxxxxxx web: http://subvert.org.uk/~bma/ || gpg: 0xBB6D2FA0 "Never doubt that a small group of thoughtful, committed citizens can change the world. Indeed, it's the only thing that ever has." -- Margaret Mead
Attachment:
signature.asc
Description: Digital signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html