On Sun, Mar 06, 2005 at 10:42:34PM -0500, Marc Deslauriers wrote: .... > > 2- Don't issue a security update at all ..... > > 3- Issue a patch for the current, obsolete, version .... > > Is there any way we could be doing this any better? Well, the original mozilla which came with RH7.3 was mozilla-0.9.9. It got bumped up in Red Hat updates to version 1.2, I think. The current one from legacy updates is mozilla-1.4.3. As a matter of fact this was the only reasonable decision AFAICT (and RHEL got some updates to that in the meantime). I did actually looked once at a possibility of doing backport fixes here and quickly decided that there is no way I can do such thing with any amount of confidence that results will be even remotely correct not even mentioning time which would be required for such operation. I understand very well reasons for "only fixes" policy but there are situations where this becomes too rigid or unsustainable. OTOH "holding a dam" has clear merits but it also may cause a waste of scarce resources. No, I do not have clearcut answers which would be applicable on every occasion. Michal -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
