On 2018-02-19 at 16:03, Adrian Bunk wrote: > On Mon, Feb 19, 2018 at 03:52:30PM -0500, Roberto C. Sánchez wrote: > >> On Mon, Feb 19, 2018 at 10:16:56PM +0200, Adrian Bunk wrote:
>>> Debian already does "security by upstream releases" for Firefox, >>> and this clearly shows why this is problematic: >> >> Also PostgreSQL, formerly MySQL, OpenJDK, etc. Some go smoothly (I >> think PostgreSQL upstream is very good here), and some do not. > > These (and also the kernel) are "following an upstream LTS branch", > not "security by upstream releases". > > Also for Firefox the new releases on an upstrem LTS branch (currently > 52) are usually not a problem. > > The problem with Firefox is the once per year switch to a new LTS > branch, like this year Firefox 52 -> 59. We aren't doing that for > PostgreSQL. Nit: the new Firefox ESR this year will apparently be version 60, not 59. They've postponed it by one release this time around, for reasons I haven't bothered to retain. -- The Wanderer The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man. -- George Bernard Shaw
signature.asc
Description: OpenPGP digital signature