[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Linux-aus] FireFox vs IceWeasel
<quote who="Paul Wayper">
> So, can I just check one thing here. These security updates - were they
> patches filed in the Mozilla Foundation's code control system (CVS or
> whatever) against bugs in their bugzilla database? Or were these external
> patches applied 'in parallel' - i.e. the Mozilla Foundation was just too
> slow at applying security updates so the Debian and Ubuntu developers
> decided to take matters into their own hands?
Mozilla don't ship patches. They ship updates to the entire codebase as
minor versions. This is very troublesome for Linux distributors, but it is
of little concern to MoFo as their primary userbase is on Windows, for whom
they provide binary updates. *Any* changes to Firefox, security related or
not, require checking by MoFo engineers for trademark license compliancy.
This has been a problem for *every* Linux distribution, and the source of
much frustration. MoFo has made it very clear that they would far prefer it
if distributors shipped the Firefox binaries as shipped on firefox.com, and
that they took minor releases no-questions-asked as security updates, rather
than providing patches to the distributor-supported version.
Anyone who has been involved in distributing Firefox for a Linux distro will
tell you that these problems have been going on for ages now, and it's not
all roses.
(Have a look at the Mozilla security update history from Red Hat AS 2.1.)
- Jeff
--
linux.conf.au 2007: Sydney, Australia http://lca2007.linux.org.au/
"Elmo loves wasabi. That's why Elmo has no eyelids." - Elmo on Rove Live