Firefox 1.03?
Matt Zimmerman
mdz at ubuntu.com
Thu May 5 07:46:29 UTC 2005
On Sun, Apr 24, 2005 at 03:37:21PM +0800, zer0halo wrote:
> It seems to me that it would be much less confusing for the user if Ubuntu
> were to simply release a security update for Hoary called firefox 1.0.3.
> Even if the security issues for Firefox 1.0.3 were fixed in the Ubuntu
> 1.0.2 release, how is the user supposed to know that? All the user (like
> me) knows is that mozilla releases a 1.0.3 security update to fix
> important vulnerabilities, so for all I know, my ubuntu 1.0.2. still has
> those vulnerabilities. My inclination is to ditch the Ubuntu version and
> just download and use the bin distributed by mozilla. But obviously that's
> not the best solution. Plus even if ubuntu-1.0.2. is secure, how do I
> convince my IT manager of that? Really, it shouldn't be difficult for
> Ubuntu to release 1.0.3. as a security patch for Hoary.
In general, the reason why we backport isn't that it would be more
difficult to update to a newer version (in fact, the reverse is often true).
It's that our intention is to fix the security issue without introducing new
bugs, or other unexpected changes which would be disruptive in a stable
release.
If you want to help us to test and integrate new upstream versions of
software, you can run our development release, where we do exactly that.
--
- mdz
More information about the ubuntu-users
mailing list