[Mageia-dev] [RPM] cauldron core/release firefox-ext-add-on-compatibility-reporter-0.9-1.mga2
misc at zarb.org
Fri Aug 26 02:16:55 CEST 2011
Le jeudi 25 août 2011 à 22:03 +0300, Sander Lepik a écrit :
> 25.08.2011 21:53, Maarten Vanraes kirjutas:
> > i believe we should package as much extensions as possible.
> And if there is security hole in extension? have
If there is security issue in others rpms ?
You realize that extensions count for around 0.1% of the software we
have, so if they place to much burden on the security team or packagers,
the rest of the rpm would place much more burden ?
> Do you monitor all of them? Most of them get
> updated w/o big notice.
Like most softwares we ship.
> We do not have people to monitor extensions. And it's stopping us to
> update Firefox.
There is 8 extensions in our stable release. There is 19357 binaries
rpms, and 7612 src.rpm.
What is preventing firefox is the mozilla fondation policy, that is
completely inadapted to any serious commitment to quality by a third
party due to their disrespect of well established procedures, and
disrespect for their distributors.
More information about the Mageia-dev