intrigeri: > I'm replying to "the severity of the options above", regarding > option b. > > Let's keep in mind that other email clients we used to ship, or could > choose to ship haven't synchronized their release schedule with > Firefox either; Ditto for most other software we ship, actually. So, > the "security updates are delayed a bit" problem is neither news here, > nor specific to Icedove. > > It *is* a serious problem, however. The long-term solution we've put > our odds on so far, that will work regardless of what email client we > ship, is to streamline our release process so that we can, some day, > put out (smaller) updates more often. This is one of the main reasons > why we've been putting so much efforts into our automated test suite > lately :)
Same here. To put it differently, Firefox is the only software we ship that is synchronized with our release schedule :) Icedove might deserve more attention than, let's say GtkHash, but other ones might be as serious, for example Pidgin, I2P, Electrum, or Enigmail itself. So I'd say we keep an eye on their security announcement, be ready for an emergency upgrade the day it's really needed, and in the meantime keep on working on streamlining our release process and having endless upgrades (#7499, #8534, or whatever). _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
