firefox and dapper after april on LTS

Felipe Figueiredo philsf at ufrj.br
Thu Feb 15 15:25:11 UTC 2007 

On Thursday 15 February 2007 04:12:39 Bry Paula Melvin wrote:

> OK  then find me a reference where it says whether firefox 1.0x is affected 
by 
> the latest firefox vulnerability. that was a conclusion based on past 
events.

Find me a supported distribution (in an LTS-like way) that still uses it 
(hint: debian sarge). How does it deal with this issue? 
Answer: the sec team checks if it is vulnerable, and if is backports the 
patche provided. It's standard procedure (for example, check the latest: DSA 
1253-1).

Look, I don't think your _concern_ is exagerated or unfounded (in fact, it's 
perfecly justifiable and comes in time for needed ajustments). But the rant 
is, for the reasons I said in my previous reply.

> 
> SNip
> > LTS is LTS. PPC support for it will not be suspended overnight. PPC is 
only
> > no longer supported for _future_ releases. 606 is already released, so it
> > is supported. I don't see why you are so concerned with this.
> SNIP
> 
> > I think I see your point, but see through this way: there is a reason PPC
> > will no longer be supported for next releases: very few people use it. 
Even
> > apple is turning to x86 (if not completely already).
> >
> > Let's just not have another VHS x betamax discussion.
> 
> Segue of the year award here!
> 
> but where did you get the info Ubuntu is dropping ppc?

It was recently (this week) announced. I am subscribed to the -announce list 
(i suggest you also do). I assumed you knew, since it obviouly affects you.

> This wasn't a discussion of  the merits of little endian vs big endian 
anyway,

No, it's a discussion on whether people who bought it will continue to be able 
to use them securely. As I said, a perfetcly justified concern.


> I do have second thoughts about using lists and forums AKA "free" support. 
It 
> often seems that a query leaves a wake of confusing disiinformation behind 
> that won't help anyone,

I'm very sorry it came to this (especially with my contribution). I jumped in 
when you spoke of logics on your rant. ;-)


> I was looking for possible information not a debate or discussion.

Not that it matters now, but IMHO your previous posts didn't have a "I'm 
looking for information" tone. Instead, it blamed on a "probable" lack of 
efficiency of a team of people (actually two, because ubuntu sec team 
benefits from debian's sec team's results), you seemed not to know much 
about. Re-reading the thread, now I think this could have been a very short 
one, but then again if the world was perfect...


> Should have spent the time compiling it instead :-)

Not now. Do that when you need (if you ever do). By then, you'll not be alone, 
so you will probably not have to do everything. Now that's "free 
support". ;-)

regards
FF

More information about the kubuntu-users mailing list