Christoph Anton Mitterer cales...@scientia.net schrieb:
--=-dGSWlplfgLb+HUgDia6J
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Hi Moritz.
Moritz Muehlenhoff wrote:
In the future the majority of packages should thus rather be installed
through
Didier 'OdyX' Raboud o...@debian.org schrieb:
FWIW, I don't. I think the compromise that the security team is proposing is
much more reasonable than such an alternative.
That compromise (which I do definitely support for wheezy) puzzles me most
for
the precedent it creates: if we give up
On 06/02/2013 01:35 AM, Florian Weimer wrote:
I'm not sure if moving packages between repositories makes that much
of a difference. Either they work acceptably well, or they don't,
independently of the delivery mechanism.
The main difference would be that we accept the fact that Mozilla
On Ma, 28 mai 13, 22:33:03, Moritz Muehlenhoff wrote:
As such, we'll switch to releasing the ESR releases of iceweasel
and icedove in stable-security.
Would it be possible to switch to the Mozilla branding in this case?
Kind regards,
Andrei
--
http://wiki.debian.org/FAQsFromDebianUser
Ansgar Burchardt ans...@debian.org schrieb:
Hi,
On 05/28/2013 22:33, Moritz Muehlenhoff wrote:
As such, we'll switch to releasing the ESR releases of iceweasel
and icedove in stable-security.
Reverse-deps of the older xulrunner libs have negligable security
impact and we won't update them
On Sun, Jun 02, 2013 at 12:10:56PM +0300, Andrei POPESCU wrote:
On Ma, 28 mai 13, 22:33:03, Moritz Muehlenhoff wrote:
As such, we'll switch to releasing the ESR releases of iceweasel
and icedove in stable-security.
Would it be possible to switch to the Mozilla branding in this case?
I
Andrei POPESCU andreimpope...@gmail.com schrieb:
--Yvzb+MHGXtbPBi5F
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Ma, 28 mai 13, 22:33:03, Moritz Muehlenhoff wrote:
=20
As such, we'll switch to releasing the ESR
On Sun, Jun 02, 2013 at 05:04:54PM +0800, Thomas Goirand wrote:
On 06/02/2013 01:35 AM, Florian Weimer wrote:
I'm not sure if moving packages between repositories makes that much
of a difference. Either they work acceptably well, or they don't,
independently of the delivery mechanism.
The
On 05/28/2013 04:33 PM, Moritz Muehlenhoff wrote:
Hi,
we need to change the way security fixes are handled for Mozilla in
stable-security. The backporting of security fixes is no longer
sustainable resource-wise.
As such, we'll switch to releasing the ESR releases of iceweasel and
icedove in
On 2013-05-31 08:52:37 +, Raphael Geissert wrote:
Russ Allbery rra at debian.org writes:
[...]
This would *enable* users to install software from backports if it either
didn't exist in stable at all or if they explicitly requested it from
backports, but would not install such software
Am Donnerstag, den 30.05.2013, 22:29 +0100 schrieb Wookey:
+++ Josh Triplett [2013-05-29 11:50 -0700]:
Moritz Muehlenhoff wrote:
One problematic aspect are the various xul-ext-* packages currently
packaged. It's very likely that some of them will break with ESR17
and ESR24 in the
* Thomas Goirand:
Maybe the best way forward is to have backports activated by default
(there's already a patch available for that, not sure if it has been
applied to d-i yet). Then when installing a desktop (since backports
are now fully part of Debian), we could provide browsers from there
Russ Allbery r...@debian.org (30/05/2013):
Jonas Smedegaard d...@jones.dk writes:
Sorry, what bugreport?
I do not consider backports.debian.org of same quality as
debian.org so am concerned by what you outline above, and would
like to (at the least) read up on the relevant discussion
Russ Allbery rra at debian.org writes:
[...]
This would *enable* users to install software from backports if it either
didn't exist in stable at all or if they explicitly requested it from
backports, but would not install such software by default.
Packages which, by the way, are not supported
Quoting Russ Allbery (2013-05-30 19:56:23)
Wouter Verhelst wou...@debian.org writes:
On 30-05-13 19:29, Thomas Goirand wrote:
Maybe the best way forward is to have backports activated by
default
No.
If we're going down that route, we might as well give up on doing a
stable
Hi,
Josh Triplett wrote (29 May 2013 18:50:23 GMT) :
As a user of sid who also maintains various systems running stable, I
rely on packages like xul-ext-adblock-plus to make it easier to install
specific addons systemwide.
FTR, packaged XUL extensions make it easier to build Debian Live
Le jeudi, 30 mai 2013 00.10:11, Philip Hands a écrit :
Moritz Mühlenhoff j...@inutil.org writes:
Willi Mann foss...@wm1.at schrieb:
Moritz Muehlenhoff wrote:
As such, we'll switch to releasing the ESR releases of iceweasel
and icedove in stable-security.
wouldn't it be better to do
* Didier Raboud:
If we can't handle the backporting of serious security issues on top
of our stable version (in order to maximise the avoidance of
regressions), then maybe said software shouldn't be shipped in
stable in the first place. Thoughts ?
Which web browsers would remain in stable if
Le jeudi, 30 mai 2013 14.53:44, Florian Weimer a écrit :
* Didier Raboud:
If we can't handle the backporting of serious security issues on top
of our stable version (in order to maximise the avoidance of
regressions), then maybe said software shouldn't be shipped in
stable in the first
On Thu, May 30, 2013 at 03:20:29PM +0200, Didier 'OdyX' Raboud wrote:
Which web browsers would remain in stable if we applied this criterion
consistently?
Although that makes me very sad, if we (collectively) give up packaging
browser extensions (hence letting our users rely on
On Thu, May 30, 2013 at 8:53 PM, Florian Weimer wrote:
Which web browsers would remain in stable if we applied this criterion
consistently?
The best browser ever; lynx.
--
bye,
pabs
http://wiki.debian.org/PaulWise
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a
On 2013-05-29 20:50, Josh Triplett wrote:
As a user of sid who also maintains various systems running stable, I
rely on packages like xul-ext-adblock-plus to make it easier to install
specific addons systemwide. I find it much easier to install those via
the Debian packaging system rather than
Hi Moritz.
Moritz Muehlenhoff wrote:
In the future the majority of packages should thus rather be installed
through http://addons.mozilla.org instead of Debian packages.
Form a security POV, I think this is really quite dangerous... actually
tendency should go towards the direction that users
On 05/30/2013 09:29 PM, Stefano Zacchiroli wrote:
On Thu, May 30, 2013 at 03:20:29PM +0200, Didier 'OdyX' Raboud wrote:
Which web browsers would remain in stable if we applied this criterion
consistently?
Although that makes me very sad, if we (collectively) give up packaging
browser
On 30-05-13 19:29, Thomas Goirand wrote:
Maybe the best way forward is to have backports activated by default
No.
If we're going down that route, we might as well give up on doing a
stable release.
--
This end should point toward the ground if you want to go to space.
If it starts pointing
Wouter Verhelst wou...@debian.org writes:
On 30-05-13 19:29, Thomas Goirand wrote:
Maybe the best way forward is to have backports activated by default
No.
If we're going down that route, we might as well give up on doing a
stable release.
Two issues keep getting confused when people talk
On Thursday, May 30, 2013 10:56:23 AM Russ Allbery wrote:
Wouter Verhelst wou...@debian.org writes:
On 30-05-13 19:29, Thomas Goirand wrote:
Maybe the best way forward is to have backports activated by default
No.
If we're going down that route, we might as well give up on doing a
Le jeudi, 30 mai 2013 15.29:22, Stefano Zacchiroli a écrit :
On Thu, May 30, 2013 at 03:20:29PM +0200, Didier 'OdyX' Raboud wrote:
Which web browsers would remain in stable if we applied this criterion
consistently?
Although that makes me very sad, if we (collectively) give up
Quoting Russ Allbery (2013-05-30 19:56:23)
Wouter Verhelst wou...@debian.org writes:
On 30-05-13 19:29, Thomas Goirand wrote:
Maybe the best way forward is to have backports activated by
default
No.
If we're going down that route, we might as well give up on doing a
stable
On Thu, May 30, 2013 at 10:56:23AM -0700, Russ Allbery wrote:
The actual proposal in the bug report is to add backports.debian.org
to the default sources.list file in the installer, but not otherwise
change anything about the backports configuration. Specifically, the
archive would remain
On Thu, May 30, 2013 at 08:29:16PM +0200, Didier 'OdyX' Raboud wrote:
FWIW, I don't. I think the compromise that the security team is proposing is
much more reasonable than such an alternative.
That compromise (which I do definitely support for wheezy) puzzles me
most for the precedent it
Jonas Smedegaard d...@jones.dk writes:
Sorry, what bugreport?
I do not consider backports.debian.org of same quality as debian.org so
am concerned by what you outline above, and would like to (at the least)
read up on the relevant discussion (i.e. avoid rehashing it here).
I'm afraid I've
On 05/30/2013 08:06 PM, Scott Kitterman wrote:
FWIW, Ubuntu has done this with their backports repositories for the last two
years of releases
debian-live images have this by default since squeeze too.
--
Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email:
+++ Josh Triplett [2013-05-29 11:50 -0700]:
Moritz Muehlenhoff wrote:
One problematic aspect are the various xul-ext-* packages currently
packaged. It's very likely that some of them will break with ESR17
and ESR24 in the future.
However, there's not much we can do here. We can select a
On 29/05/13 00:17, John Paul Adrian Glaubitz wrote:
Also, if anyone of the GNOME package maintainers is reading this,
why does the gnome meta package depend on xul-ext-adblock-plus?
For feature parity with the previous meta-gnome3 web browser, it appears:
meta-gnome3 (1:3.4+3) unstable;
On Tue, May 28, 2013 at 10:33:03PM +0200, Moritz Muehlenhoff wrote:
Hi,
we need to change the way security fixes are handled for Mozilla
in stable-security. The backporting of security fixes is no
longer sustainable resource-wise.
As such, we'll switch to releasing the ESR releases of
Hi,
On 05/28/2013 22:33, Moritz Muehlenhoff wrote:
As such, we'll switch to releasing the ESR releases of iceweasel
and icedove in stable-security.
Reverse-deps of the older xulrunner libs have negligable security
impact and we won't update them any further.
One problematic aspect are the
On 29.05.2013 15:15, Ansgar Burchardt wrote:
I would expect some more packages giving us similar problems in the
future: other web browsers (chromium) or web applications (owncloud?)
where we might have to provide new upstream versions that require
updating related packages (or breaking them).
Hello Moritz,
Moritz Muehlenhoff wrote:
As such, we'll switch to releasing the ESR releases of iceweasel
and icedove in stable-security.
wouldn't it be better to do the bumps of major ESR versions in point
releases? That might also allow a few more extensions to be updated.
However, there's
Moritz Muehlenhoff wrote:
As such, we'll switch to releasing the ESR releases of iceweasel
and icedove in stable-security.
Very welcome news.
One problematic aspect are the various xul-ext-* packages currently
packaged. It's very likely that some of them will break with ESR17
and ESR24 in
Arno Töll a...@debian.org schrieb:
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--enigD8B4E48BF27B74A11F1ECB8F
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
On 29.05.2013 15:15, Ansgar Burchardt wrote:
I would expect some
Willi Mann foss...@wm1.at schrieb:
Hello Moritz,
Moritz Muehlenhoff wrote:
As such, we'll switch to releasing the ESR releases of iceweasel
and icedove in stable-security.
wouldn't it be better to do the bumps of major ESR versions in point
releases? That might also allow a few more
Moritz Mühlenhoff j...@inutil.org writes:
Willi Mann foss...@wm1.at schrieb:
Hello Moritz,
Moritz Muehlenhoff wrote:
As such, we'll switch to releasing the ESR releases of iceweasel
and icedove in stable-security.
wouldn't it be better to do the bumps of major ESR versions in point
Hi Moritz!
On 05/28/2013 10:33 PM, Moritz Muehlenhoff wrote:
we need to change the way security fixes are handled for Mozilla
in stable-security. The backporting of security fixes is no
longer sustainable resource-wise.
I second this. Having one of the most commonly used desktop applications
On Wed, May 29, 2013 at 4:33 AM, Moritz Muehlenhoff wrote:
we need to change the way security fixes are handled for Mozilla
in stable-security. The backporting of security fixes is no
longer sustainable resource-wise.
Please propose an announcement about this to the Debian press team and
add
45 matches
Mail list logo