Jeff wrote: > > So if the dependency information is correct (I have attached the > dependencies that I examined), one application: enigmail, and six > locales would break by using an update to fix the security issue. > We can arrange that enigmail and those locales won't break - it's quite simple. To workaround the strict versioned dependencies in some dependent packages we must not use the upstream version as the debian package upstream version. But we can just use a versioning scheme like, e.g. 1.0.2-sarge1.0.6 or something. This definitly works for thunderbird ... as I have successfully tested this procedure on my box.
This is for thunderbird ... for firefox, eric would need to comment. Since firefox does not use dpatch or something to include distinct patches inside the diff.gz, it might be probably a bit harder to not use the upstream orig.tar.gz, but nevertheless, it would still be far from impossible. Mozilla has its patches included in the diff.gz, so going the same way as outlined above for thunderbird (in terms of howto version an updated package) appears to be doable too. -- GPG messages preferred. | .''`. ** Debian GNU/Linux ** Alexander Sack | : :' : The universal [EMAIL PROTECTED] | `. `' Operating System http://www.asoftsite.org | `- http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
