lubuntu-qa team mailing list archive

Thread
Date

Re: Chromium

To: Phill Whiteside <PhillW@xxxxxxxxxx>
From: Julien Lavergne <gilir@xxxxxxxxxx>
Date: Mon, 05 Nov 2012 18:56:56 +0100
Cc: lubuntu-qa@xxxxxxxxxxxxxxxxxxx, Alex Shkop <a.v.shkop@xxxxxxxxx>
In-reply-to: <CAD5cqVjYrm-u0_xUfh_Yg7d_c-4o_kwqQ-VBX6Ru9WBMztfAnQ@mail.gmail.com>
Sender: Julien Lavergne <julien.lavergne@xxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20121028 Thunderbird/16.0.2

Le 05/11/2012 01:08, Phill Whiteside a écrit :

From memory, most of the updates I see for Chromium are not 'feature'updates. The ones I see are security updates for when vulnerabilitieshave been found and are available? I'm not sure how such upstreampatches are applied for, say, FireFox that are released by mozillafoundation?

There are "features" updates, but it's tricky. Both Firefox and Chromiumdo release with include both security updates, and features updates. Inthis case, you can't just take the security items and package them, youare forced to do the entire update. That's why new versions of Firefoxand Chromium are SRUed, even if it's a new release. It's an exception inthe SRU process.

You know much more about this area, are CVE updates normal SRU's orsecurity team driven?

Security updates are driven by the security team, but it's only forpackages in main. In universe (for example, Chromium), they do what theycan (no guaranty).


Regards,
Julien Lavergne

Follow ups

Re: Chromium
From: Phill Whiteside, 2012-11-05

References

Re: Chromium
From: Phill Whiteside, 2012-11-05