-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/18/08 10:11, Mike Hommey wrote: > On Wed, Jun 18, 2008 at 02:09:06PM +0200, A Mennucc wrote: [snip] >> >> 2) Another point is that >> http://svn.debian.org/wsvn/secure-testing/data/embedded-code-copies?op=file&rev=0&sc=0 >> lists many packages which ship embedded copies. One example is >> mozilla/iceweasel/iceape. Iceweasel had 9 security bugs in Etch. >> Iceweasel has ~500 bugs (!!). So iceweasel should be kept out of >> Lenny, since it contains embedded copies of code and is quite >> buggy. But no one is ever posting this RC bug. Why? Beats me. > > Note iceweasel 3.0, which is planned for Lenny, while it contains > embedded copy of code, does *not* use it. Find another example.
Contains embedded code, but doesn't use it? And it hasn't been/can't be stripped out? (I've been in the industry long enough to know that that is a symptom of serious, systemic problems within the application.) - -- Ron Johnson, Jr. Jefferson LA USA "Kittens give Morbo gas. In lighter news, the city of New New York is doomed." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkhZKBcACgkQS9HxQb37XmfWKgCfTdrP3H7ZgCZBuVnskZosm+f0 egMAoNo0n3zXvh6OBQcczLoox/H7ZLmD =CMCA -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
