FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 06-25-2011, 01:35 PM
Johannes Lips
 
Default Security updates for Firefox 4 in F-15

Hi,

fedora already updated to firefox 5 in fedora 15.

btw only german speaking persons could read your reference ;-)

Johannes

On Sat, Jun 25, 2011 at 3:32 PM, Jochen Schmitt <Jochen@herr-schmitt.de> wrote:

Hallo,



I have a spcial question about secirity update of Firefox 4 on F-15.



On

http://www.heise.de/newsticker/meldung/Diskussionen-um-Versionspolitik-von-Firefox-1268009.html


you could read, that upstream doensn't release the security update

fireforx-4.0.1. Instead

users should update to Firefox 5.



My question is, how should fedora handle this cas. I can't believe, that

we shouldn't get any

security updates for Firefox until the release of F-16.



Best Regards:



Jochen Schmitt

--

devel mailing list

devel@lists.fedoraproject.org

https://admin.fedoraproject.org/mailman/listinfo/devel



--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 06-25-2011, 01:40 PM
Peter Robinson
 
Default Security updates for Firefox 4 in F-15

On Sat, Jun 25, 2011 at 2:32 PM, Jochen Schmitt <Jochen@herr-schmitt.de> wrote:

Hallo,



I have a spcial question about secirity update of Firefox 4 on F-15.



On

http://www.heise.de/newsticker/meldung/Diskussionen-um-Versionspolitik-von-Firefox-1268009.html


you could read, that upstream doensn't release the security update

fireforx-4.0.1. Instead

users should update to Firefox 5.



My question is, how should fedora handle this cas. I can't believe, that

we shouldn't get any

security updates for Firefox until the release of F-16.



Check updates-testing. Firefox 5 is already there. If you'd read the devel list threads you would have seen dozens of references to it over the last week or so.

Peter



--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 06-25-2011, 01:59 PM
Felix Miata
 
Default Security updates for Firefox 4 in F-15

On 2011/06/25 15:32 (GMT+0200) Jochen Schmitt composed:

> I have a spcial question about secirity update of Firefox 4 on F-15.

> On
> http://www.heise.de/newsticker/meldung/Diskussionen-um-Versionspolitik-von-Firefox-1268009.html
> you could read, that upstream doensn't release the security update
> fireforx-4.0.1. Instead
> users should update to Firefox 5.

> My question is, how should fedora handle this cas. I can't believe, that
> we shouldn't get any
> security updates for Firefox until the release of F-16.

FF5 is the security update to FF4.0.1, which incorporates an upstream
versioning policy change.
--
"The wise are known for their understanding, and pleasant
words are persuasive." Proverbs 16:21 (New Living Translation)

Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata *** http://fm.no-ip.com/
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 06-26-2011, 03:08 PM
Kevin Kofler
 
Default Security updates for Firefox 4 in F-15

Felix Miata wrote:
> FF5 is the security update to FF4.0.1, which incorporates an upstream
> versioning policy change.

The funny thing is that Firefox is going exactly the opposite way of us with
their update policies, and that as a result, that Firefox security update is
not compliant with our update policies (but got pushed anyway because
Firefox can do whatever it wants around here)…

Kevin Kofler

--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 06-26-2011, 03:21 PM
Kevin Fenzi
 
Default Security updates for Firefox 4 in F-15

On Sun, 26 Jun 2011 17:08:31 +0200
Kevin Kofler <kevin.kofler@chello.at> wrote:

> Felix Miata wrote:
> > FF5 is the security update to FF4.0.1, which incorporates an
> > upstream versioning policy change.
>
> The funny thing is that Firefox is going exactly the opposite way of
> us with their update policies, and that as a result, that Firefox
> security update is not compliant with our update policies (but got
> pushed anyway because Firefox can do whatever it wants around here)…

Can you point to specific changes that are not compliant with the
policy?

If there were we would be in a similar boat to KDE. Ie, a upstream
who's support and release cycles don't match ours, so we need to grant
an exception (as we have done for KDE in the past) in order to have
security updates/upstream support.

kevin


--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 06-26-2011, 04:01 PM
Christoph Wickert
 
Default Security updates for Firefox 4 in F-15

Am Sonntag, den 26.06.2011, 17:08 +0200 schrieb Kevin Kofler:
> Felix Miata wrote:
> > FF5 is the security update to FF4.0.1, which incorporates an upstream
> > versioning policy change.
>
> The funny thing is that Firefox is going exactly the opposite way of us with
> their update policies,

They didn't change their update policy but their release/development
model. FF 5 is an update to FF 4, but 3.6 got an update to 3.6.18, too.
This means that Mozilla's update policy hasn't changed.

> and that as a result, that Firefox security update is
> not compliant with our update policies

At what point exactly? Basically all that has changed is the version,
IHMO FF 5 can better be described as FF 4.1. The user experience hasn't
changed and the update meets all requirements of the update policy, so I
really don't see a problem here.

Regards,
Christoph


--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 06-26-2011, 04:25 PM
Evandro Giovanini
 
Default Security updates for Firefox 4 in F-15

On Sun, Jun 26, 2011 at 1:01 PM, Christoph Wickert
<christoph.wickert@googlemail.com> wrote:
> Am Sonntag, den 26.06.2011, 17:08 +0200 schrieb Kevin Kofler:
>> Felix Miata wrote:
>> > FF5 is the security update to FF4.0.1, which incorporates an upstream
>> > versioning policy change.
>>
>> The funny thing is that Firefox is going exactly the opposite way of us with
>> their update policies,
>
> They didn't change their update policy but their release/development
> model. FF 5 is an update to FF 4, but 3.6 got an update to 3.6.18, too.
> This means that Mozilla's update policy hasn't changed.
>
>> and that as a result, that Firefox security update is
>> not compliant with our update policies
>
> At what point exactly? Basically all that has changed is the version,
> IHMO FF 5 can better be described as FF 4.1. The user experience hasn't
> changed and the update meets all requirements of the update policy, so I
> really don't see a problem here.
>

Firefox 5 is not stable because it introduces new features. The most
visible example of this is users who had extensions stop working with
Firefox 5.

Firefox's policy has changed. In the past they supported a stable
version for more than one day after the new release was out. They're
not doing that anymore with Firefox 4, so users are forced to use the
new features (and bugs) of a new release. It's a great policy if
you're in a race to not lose mindshare from Chrome, it's not so great
for the people who have Firefox deployed in stable environments.


Evandro
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 06-26-2011, 07:33 PM
Christoph Wickert
 
Default Security updates for Firefox 4 in F-15

Am Sonntag, den 26.06.2011, 13:25 -0300 schrieb Evandro Giovanini:
> On Sun, Jun 26, 2011 at 1:01 PM, Christoph Wickert
> <christoph.wickert@googlemail.com> wrote:
> > Am Sonntag, den 26.06.2011, 17:08 +0200 schrieb Kevin Kofler:
> >> Felix Miata wrote:
> >> > FF5 is the security update to FF4.0.1, which incorporates an upstream
> >> > versioning policy change.
> >>
> >> The funny thing is that Firefox is going exactly the opposite way of us with
> >> their update policies,
> >
> > They didn't change their update policy but their release/development
> > model. FF 5 is an update to FF 4, but 3.6 got an update to 3.6.18, too.
> > This means that Mozilla's update policy hasn't changed.
> >
> >> and that as a result, that Firefox security update is
> >> not compliant with our update policies
> >
> > At what point exactly? Basically all that has changed is the version,
> > IHMO FF 5 can better be described as FF 4.1. The user experience hasn't
> > changed and the update meets all requirements of the update policy, so I
> > really don't see a problem here.
> >
>
> Firefox 5 is not stable because it introduces new features.

New features don't have anything to do with stability. It's the AI/ABI
and AFAIK nothing has changed in xulrunnner. All dependent packages
required a simple rebuild. We had these rebuilds with every single FF
update.

> The most
> visible example of this is users who had extensions stop working with
> Firefox 5.

This is most likely because the extensions expect a certain version
string but not because of API/ABI changes.

> Firefox's policy has changed. In the past they supported a stable
> version for more than one day after the new release was out.

What policy? The security policy? Firefox 3.6 is considered the previous
stable version and it is still supported.

> They're
> not doing that anymore with Firefox 4, so users are forced to use the
> new features (and bugs) of a new release. It's a great policy if
> you're in a race to not lose mindshare from Chrome, it's not so great
> for the people who have Firefox deployed in stable environments.

Look, I never said I like the new version scheme. In fact I said that I
dislike it. The major version shouldn't have been bumped because is a
stable update, this means there are no API/ABI changes and no change in
configuration formats either. There are merely no changes and there is a
clean upgrade path, so I have no idea what problems in a stable
environment you are expecting.

And I have no idea what part of our update policy should be violated by
this update. Please somebody enlighten me.

Regards,
Christoph


--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 06-26-2011, 08:28 PM
Lucas
 
Default Security updates for Firefox 4 in F-15

To All

I do not understand what are talking about.

Firefox and Thunderbird now does not require any kind of linux distribution attention.

Download bz2 archive from their site, unpack it to any directory (for example - /usr/local/share)
and start it.

It will use USER settings in home directory and if you decide to delete it later - just delete it.
Previous version will perfectly work with the new one.

Now it is not necessary to wait for update - do it you self.
I did - it works just fine.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 06-26-2011, 08:32 PM
Kevin Fenzi
 
Default Security updates for Firefox 4 in F-15

On Mon, 27 Jun 2011 00:28:50 +0400
Lucas <macachuto@gmail.com> wrote:

> To All
>
> I do not understand what are talking about.
>
> Firefox and Thunderbird now does not require any kind of linux
> distribution attention.
>
> Download bz2 archive from their site, unpack it to any directory (for
> example - /usr/local/share) and start it.

You are of course free to do this if you choose, but Fedora is a
package managed system. Doing this you lose a number of benefits of a
package management system.

See https://fedoraproject.org/wiki/Package_management_system

kevin
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 

Thread Tools




All times are GMT. The time now is 01:03 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org