| 1 |
On Wed, Oct 6, 2010 at 7:36 AM, Mike Frysinger <vapier@g.o> wrote: |
| 2 |
> On Tuesday, October 05, 2010 10:35:57 Nirbheek Chauhan wrote: |
| 3 |
>> To fix this problem sqlite upstream made a specific change allowing a |
| 4 |
>> #pragma to be used to define where secure-delete is required, avoiding |
| 5 |
>> the need to use secure-delete *everywhere*. |
| 6 |
> |
| 7 |
> so what you're saying is that this USE flag can die once people fix/update |
| 8 |
> their packages |
| 9 |
> -mike |
| 10 |
> |
| 11 |
|
| 12 |
What I'm saying is that mozilla team will not do it unless you either: |
| 13 |
|
| 14 |
(a) You convince/bribe/cluebat upstream (we've tried and failed), or |
| 15 |
(b) You write a patch that you promise to maintain forever with quick |
| 16 |
responses for security bumps |
| 17 |
|
| 18 |
Keep in mind that firefox usually only works with a very narrow range |
| 19 |
of sqlite versions. If it's too low, it won't compile, or have runtime |
| 20 |
failures (when they forget to update the min system-sqlite version). |
| 21 |
If it's too high, it'll have strange runtime bugs since firefox relies |
| 22 |
too heavily on existing sqlite behaviour[1]. |
| 23 |
|
| 24 |
1. https://bugzilla.mozilla.org/show_bug.cgi?id=583611 |
| 25 |
-- |
| 26 |
~Nirbheek Chauhan |
| 27 |
|
| 28 |
Gentoo GNOME+Mozilla Team |
Archives