Re: mozilla - the forgotten package?

[Florian Weimer <fw@deneb.enyo.de>]

Jan Lühr wrote:

> Am Mittwoch, 10. März 2004 17:06 schrieben Sie:
> > Jan Lühr wrote:
> > > So is mozilla the forgotten package? Considering how popular mozilla is,
> > > making it secure would be worth the effort - imho.
> >
> > How many of Mozilla's security bugs which are fix during routine
> > upgrades are discussed publicly?  Can they be backported easily?
> 
> I'm not in touch with the mozilla code. Thus I cannot say how easy it is to 
> backport 'em.

Some of the known bugs are described at the following page:

<http://www.mozilla.org/projects/security/known-vulnerabilities.html>

Mandrake has recently released an advisory, maybe their patches could be
used for the 1.0 backports.

Hmm, has there been any Mozilla security update for woody?  This looks
like a *lot* of work.  Maybe it's better to take some other
distribution's Mozilla 1.4 package and ship that. 8->

-- 
Current mail filters: many dial-up/DSL/cable modem hosts, and the
following domains: atlas.cz, bigpond.com, freenet.de, hotmail.com,
libero.it, netscape.net, postino.it, tiscali.co.uk, tiscali.cz,
tiscali.it, voila.fr, wanadoo.fr, yahoo.com.