On Thu, Sep 02, 2010 at 07:49:21PM -0400, Michael Gilbert wrote: > On Wed, Sep 1, 2010 at 4:24 AM, Giuseppe Iuculano wrote: > > Hi Release Team, > > > > > > In the next few days upstream will release chromium 6 in the stable > > channel. This means that v5 will not receive any further (security) > > update, and v6 will receive security and stability updates. > > > > I could start to backport patches, but unfortunately there are some > > important webkit security issues (SVG related) that are hard to backport > > due to at least one or two major refactoring[1] of the SVG code. > > This means that any future SVG security issue (and unfortunately they > > are frequent) will be hard to fix. > > Is this a supportable approach? Once google discontinues version 6 > after perhaps 2 months from now (5 was only stable for two months or > less), you're going to have to do the hard work of backports. I think > we should be working on making a libwebkit-chrome binary package from > the webkit source so we only need to backport to one webkit codebase.
There is absolutely no way this could technically work, except with a whole lot of upstream*s* cooperation, a lot of work, and a whole lot of time. Not going to happen before squeeze. I'm fairly confident this won't be happening before wheezy either. Mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
