Hi,
On Thursday, 2022-11-24 10:41:45 -0800, Gordon Messmer wrote:
I would much prefer to see Thunderbird updated early in
Rawhide and releases that are not yet final, but to remain on the older
stable version for as long as possible on any Fedora release that had
included it.
That'd be a problem though because ~every Thunderbird x.y.0 release
includes security fixes, which are not backported to older then
unmaintained ESR releases by Mozilla. Not upgrading/rebasing to the then
current ESR release would leave users of older releases vulnerable, or
shift the burden of backporting fixes to maintainers for a highly
divergent source code base; with an additional cost that the exact
changes to fix a CVE are not readily available and would have to be
peeled out if discoverable at all. I consider this impractical.
Eike
--
GPG key 0x6A6CD5B765632D3A - 2265 D7F3 A7B0 95CC 3918 630B 6A6C D5B7 6563 2D3A