you could read, that upstream doensn't release the security update
fireforx-4.0.1. Instead
users should update to Firefox 5.
My question is, how should fedora handle this cas. I can't believe, that
we shouldn't get any
security updates for Firefox until the release of F-16.
Check updates-testing. Firefox 5 is already there. If you'd read the devel list threads you would have seen dozens of references to it over the last week or so.
Peter
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
06-25-2011, 01:59 PM
Felix Miata
Security updates for Firefox 4 in F-15
On 2011/06/25 15:32 (GMT+0200) Jochen Schmitt composed:
> I have a spcial question about secirity update of Firefox 4 on F-15.
> On
> http://www.heise.de/newsticker/meldung/Diskussionen-um-Versionspolitik-von-Firefox-1268009.html
> you could read, that upstream doensn't release the security update
> fireforx-4.0.1. Instead
> users should update to Firefox 5.
> My question is, how should fedora handle this cas. I can't believe, that
> we shouldn't get any
> security updates for Firefox until the release of F-16.
FF5 is the security update to FF4.0.1, which incorporates an upstream
versioning policy change.
--
"The wise are known for their understanding, and pleasant
words are persuasive." Proverbs 16:21 (New Living Translation)
Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!
Felix Miata *** http://fm.no-ip.com/
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
06-26-2011, 03:08 PM
Kevin Kofler
Security updates for Firefox 4 in F-15
Felix Miata wrote:
> FF5 is the security update to FF4.0.1, which incorporates an upstream
> versioning policy change.
The funny thing is that Firefox is going exactly the opposite way of us with
their update policies, and that as a result, that Firefox security update is
not compliant with our update policies (but got pushed anyway because
Firefox can do whatever it wants around here)…
Kevin Kofler
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
06-26-2011, 03:21 PM
Kevin Fenzi
Security updates for Firefox 4 in F-15
On Sun, 26 Jun 2011 17:08:31 +0200
Kevin Kofler <kevin.kofler@chello.at> wrote:
> Felix Miata wrote:
> > FF5 is the security update to FF4.0.1, which incorporates an
> > upstream versioning policy change.
>
> The funny thing is that Firefox is going exactly the opposite way of
> us with their update policies, and that as a result, that Firefox
> security update is not compliant with our update policies (but got
> pushed anyway because Firefox can do whatever it wants around here)…
Can you point to specific changes that are not compliant with the
policy?
If there were we would be in a similar boat to KDE. Ie, a upstream
who's support and release cycles don't match ours, so we need to grant
an exception (as we have done for KDE in the past) in order to have
security updates/upstream support.
kevin
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
06-26-2011, 04:01 PM
Christoph Wickert
Security updates for Firefox 4 in F-15
Am Sonntag, den 26.06.2011, 17:08 +0200 schrieb Kevin Kofler:
> Felix Miata wrote:
> > FF5 is the security update to FF4.0.1, which incorporates an upstream
> > versioning policy change.
>
> The funny thing is that Firefox is going exactly the opposite way of us with
> their update policies,
They didn't change their update policy but their release/development
model. FF 5 is an update to FF 4, but 3.6 got an update to 3.6.18, too.
This means that Mozilla's update policy hasn't changed.
> and that as a result, that Firefox security update is
> not compliant with our update policies
At what point exactly? Basically all that has changed is the version,
IHMO FF 5 can better be described as FF 4.1. The user experience hasn't
changed and the update meets all requirements of the update policy, so I
really don't see a problem here.
Regards,
Christoph
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
06-26-2011, 04:25 PM
Evandro Giovanini
Security updates for Firefox 4 in F-15
On Sun, Jun 26, 2011 at 1:01 PM, Christoph Wickert
<christoph.wickert@googlemail.com> wrote:
> Am Sonntag, den 26.06.2011, 17:08 +0200 schrieb Kevin Kofler:
>> Felix Miata wrote:
>> > FF5 is the security update to FF4.0.1, which incorporates an upstream
>> > versioning policy change.
>>
>> The funny thing is that Firefox is going exactly the opposite way of us with
>> their update policies,
>
> They didn't change their update policy but their release/development
> model. FF 5 is an update to FF 4, but 3.6 got an update to 3.6.18, too.
> This means that Mozilla's update policy hasn't changed.
>
>> and that as a result, that Firefox security update is
>> not compliant with our update policies
>
> At what point exactly? Basically all that has changed is the version,
> IHMO FF 5 can better be described as FF 4.1. The user experience hasn't
> changed and the update meets all requirements of the update policy, so I
> really don't see a problem here.
>
Firefox 5 is not stable because it introduces new features. The most
visible example of this is users who had extensions stop working with
Firefox 5.
Firefox's policy has changed. In the past they supported a stable
version for more than one day after the new release was out. They're
not doing that anymore with Firefox 4, so users are forced to use the
new features (and bugs) of a new release. It's a great policy if
you're in a race to not lose mindshare from Chrome, it's not so great
for the people who have Firefox deployed in stable environments.
Evandro
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
06-26-2011, 07:33 PM
Christoph Wickert
Security updates for Firefox 4 in F-15
Am Sonntag, den 26.06.2011, 13:25 -0300 schrieb Evandro Giovanini:
> On Sun, Jun 26, 2011 at 1:01 PM, Christoph Wickert
> <christoph.wickert@googlemail.com> wrote:
> > Am Sonntag, den 26.06.2011, 17:08 +0200 schrieb Kevin Kofler:
> >> Felix Miata wrote:
> >> > FF5 is the security update to FF4.0.1, which incorporates an upstream
> >> > versioning policy change.
> >>
> >> The funny thing is that Firefox is going exactly the opposite way of us with
> >> their update policies,
> >
> > They didn't change their update policy but their release/development
> > model. FF 5 is an update to FF 4, but 3.6 got an update to 3.6.18, too.
> > This means that Mozilla's update policy hasn't changed.
> >
> >> and that as a result, that Firefox security update is
> >> not compliant with our update policies
> >
> > At what point exactly? Basically all that has changed is the version,
> > IHMO FF 5 can better be described as FF 4.1. The user experience hasn't
> > changed and the update meets all requirements of the update policy, so I
> > really don't see a problem here.
> >
>
> Firefox 5 is not stable because it introduces new features.
New features don't have anything to do with stability. It's the AI/ABI
and AFAIK nothing has changed in xulrunnner. All dependent packages
required a simple rebuild. We had these rebuilds with every single FF
update.
> The most
> visible example of this is users who had extensions stop working with
> Firefox 5.
This is most likely because the extensions expect a certain version
string but not because of API/ABI changes.
> Firefox's policy has changed. In the past they supported a stable
> version for more than one day after the new release was out.
What policy? The security policy? Firefox 3.6 is considered the previous
stable version and it is still supported.
> They're
> not doing that anymore with Firefox 4, so users are forced to use the
> new features (and bugs) of a new release. It's a great policy if
> you're in a race to not lose mindshare from Chrome, it's not so great
> for the people who have Firefox deployed in stable environments.
Look, I never said I like the new version scheme. In fact I said that I
dislike it. The major version shouldn't have been bumped because is a
stable update, this means there are no API/ABI changes and no change in
configuration formats either. There are merely no changes and there is a
clean upgrade path, so I have no idea what problems in a stable
environment you are expecting.
And I have no idea what part of our update policy should be violated by
this update. Please somebody enlighten me.
Regards,
Christoph
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
06-26-2011, 08:28 PM
Lucas
Security updates for Firefox 4 in F-15
To All
I do not understand what are talking about.
Firefox and Thunderbird now does not require any kind of linux distribution attention.
Download bz2 archive from their site, unpack it to any directory (for example - /usr/local/share)
and start it.
It will use USER settings in home directory and if you decide to delete it later - just delete it.
Previous version will perfectly work with the new one.
Now it is not necessary to wait for update - do it you self.
I did - it works just fine.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
06-26-2011, 08:32 PM
Kevin Fenzi
Security updates for Firefox 4 in F-15
On Mon, 27 Jun 2011 00:28:50 +0400
Lucas <macachuto@gmail.com> wrote:
> To All
>
> I do not understand what are talking about.
>
> Firefox and Thunderbird now does not require any kind of linux
> distribution attention.
>
> Download bz2 archive from their site, unpack it to any directory (for
> example - /usr/local/share) and start it.
You are of course free to do this if you choose, but Fedora is a
package managed system. Doing this you lose a number of benefits of a
package management system.
See https://fedoraproject.org/wiki/Package_management_system
kevin
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Security updates for Firefox 4 in F-15
