On 2018-02-19 at 16:03, Adrian Bunk wrote:

> On Mon, Feb 19, 2018 at 03:52:30PM -0500, Roberto C. Sánchez wrote:
>> On Mon, Feb 19, 2018 at 10:16:56PM +0200, Adrian Bunk wrote:

>>> Debian already does "security by upstream releases" for Firefox, 
>>> and this clearly shows why this is problematic:
>> Also PostgreSQL, formerly MySQL, OpenJDK, etc. Some go smoothly (I
>> think PostgreSQL upstream is very good here), and some do not.
> These (and also the kernel) are "following an upstream LTS branch", 
> not "security by upstream releases".
> Also for Firefox the new releases on an upstrem LTS branch (currently
> 52) are usually not a problem.
> The problem with Firefox is the once per year switch to a new LTS
> branch, like this year Firefox 52 -> 59. We aren't doing that for
> PostgreSQL.

Nit: the new Firefox ESR this year will apparently be version 60, not
59. They've postponed it by one release this time around, for reasons I
haven't bothered to retain.

   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man.         -- George Bernard Shaw

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to