Since 2013, Debian has allowed new browser versions to enter stable[1] even though most other package versions are frozen
The security team announcement mentions that "some Xul extensions currently packaged in the Debian archive are not compatible" and that a solution to that is still being worked out. There are similar consequences for some server-side content, e.g. jessie will include various WebRTC JavaScript libraries. The packages asterisk, jssip, jscommunicator and sipml5 closely follow this emerging standard. There have already been some occasions where changing browser technology (e.g. Chrome changing from SDES to DTLS-SRTP encryption) has caused these other packages to become unusable for periods of time. Has there already been any further discussion about the solution for Xul extensions packaged in Debian? With the freeze for jessie having just started, should the freeze guidelines be amended to make it easier for packages closely related to the browser to be updated to new versions at any time during the freeze if the browser version itself changes? Are there people who would object to such updates? 1. https://lists.debian.org/debian-security-announce/2013/msg00107.html -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5461d85b.4020...@pocock.pro