[arch-general] SeaMonkey outdated. Critical security holes in the current version!
Manuel Reimer
Manuel.Spam at nurfuerspam.de
Sun Jan 20 03:56:31 EST 2013
Paul Marwick wrote:
> If you're concerned, you could do what I do - download the build information
> from the ABS and build it yourself. A bit of minor editing of the PKGBUILD is
> required, and the build takes a while (around and hour twenty minutes on my
> Core"Duo laptop), but that is it...
Sorry, but that's not the way how things should work. If a distribution offers a
package, then it should also offer updates for it. Most users don't monitor all
the packages, a distribution offers, for possible holes. They just trust their
distributor to ship security updates on time.
As long as you have the SeaMonkey package one of your primary repositories, you
also signal to users, that you plan to update this package. If you can't keep it
updated, please drop it and, for example, tell your users to switch to Firefox
and Thunderbird.
Bad reaction time on security holes was one of the top reasons, why I ported
from Slackware to Archlinux and now it seems like Archlinux isn't much better
there...
Yours
Manuel
More information about the arch-general
mailing list