Hello,

I have Debain Sarge installed...
From what I know (read) no packages are updated in stable brunch unless they include security bugs... (so it is reasonable for stable system - like server - not to be updated too much).

There is a firefox 1.0.6 that was released in order to fix security bugs in 1.0.4 and previous verisions.
This version is availible only in unstable repository... Shouldn't it be included in stable as security update?

Not that I'm so care of different security issues...
Even in windows I worked without anitvirus...

Just interested how it works in Stable branch

The problem is that Debian is going through serious changes (namely the ABI transition from gcc 3.x to 4.x). As I see now, mozilla-firefox 1.0.6-2 is in unstable, but depends on gcc-4.0-base and libstdc++6, which are part of this change. So most probably it will take a while before you get firefox 1.0.6

Hi. I wouldn't worry too much about there not being a lot of updates. If anything, it indicates that the system is basically secure. I've got 2 Woody installs upgraded to Sarge (stable) and there havn't been many updates on those. I've got another Woody upgraded to Sarge and on updates from testing repo (Etch). Initially there were quite a few updates on that, but it's fallen off lately. I got Firefox 1.05 for FC2, but 1.04 was only available for Debian. I don't really consider that a problem, and no doubt it will be upgraded to 1.05 shortly. I'm not too bothered about AV on Linux, after all the main objective of the black hats is Bills Windows. I use Smoothwall Express 2 firewall on a dedicated machine, and also have duplicated firewalls on the client machines. I don't visit dodgy sites. (porn,gambling,etc), neither do I click on emails telling me I've won the lottery, which incidentaly I've won at least 8 times in the last month according to emails. LOL. Personally I'd be carefull about using IRC. The scumbags seem to be using that to plant stuff on your machine that you could do without. Don't get paranoid. The Debian folks will give you the updates/security updates that you need. Regarding firewalls. Steve Gibson's site at http://www.grc.com will check out your firewall to make sure it's secure. If you have only one machine accessing the Internet you can install Guarddog from http://www.simonzone.com who also also have a program called guidedog that enables you to setup IP masquerading if you have more than one machine that accesses the Internet. Alternatively you can get Firestarter, which I believe I got from sourceforge. Probably http://firestarter.sourceforge.net. Saying that, Guardog is on synaptic on Debian which makes the install easier. I've got the dog pestering me for a walk. Just don't get too concerned about the lack of updates. This ain't Windows, It's Linux, and it's more secure. Nigel. aka farpoint.

My point is not how to secure my PC... I'm not so afraid... Especially in Linux...

As I have written in the original post I had allways worked on my Windows PC without antivirus - at least untill half year ago I've had problems with only few viruses...
When I used to use Windows at home...... Now my home is windows free so I don't have to worry (as paranoid IT team at work )

I have firewall, good passwords on external ssh access (from work) thats it...

The question was more on a way Debian inserts security updates in the stable release...
Thanks

Firefox is a special case, there's even a thread on debian-devel about it right now. The Mozilla people don't let distributions use their trademarks if they change the software in any way so if Debian were to backport any security patches to an older release they wouldn't be allowed to call it FireFox. And on top of that new Mozilla releases tend to include more than just security fixes so putting the new version wholey into stable can introduce problems.

I believe the final solution will be to put FF into a new repository called volatile, this will be an optional repository for software that Debian can't gurantee stability of. How this will be introduced and how people will be told about it, I have no clue. Infact the mention of it on the mailing lists recently was the first I had ever heard of it.

Thanks for the explanation, Noth.

Subcribes to thread/

Why not just install firefox your self from mozilla, pretty simple thing to do. You can also install it to your home directory in a folder for it and thunderbird.

Because the point of a good package manager is to avoid installing anything by hand. And the Debian packages will do things that the ones from Mozilla won't, like adding themselves to all the menus and the Debian alternatives system.

You might try to rebuild (recompile) the mozilla-firefox-1.06.deb on your system, then it shouldn't require Gcc-4.0 at least.

Sorry didn,t mean to ruffle any feathers ,FF and TB are updated so often it is no wounder distros can not keep up, but with FF so easy to install, and kmenu as easy to edit, I don,t see the problem. And if installed to the same directory menues and other things will work as they are and do not need to be reedited anyway.

It's not about them being updated too often, almost all OSS projects release a lot, it's about the Mozilla devs not releasing security patches as seperate entities and allowing them to be backported into the older versions. They usually throw in a dozen security fixes along with whatever other changes they want to push out and there's like a 50/50 chance that they'll break compatibility with extensions and such. And those kind of changes are unacceptable in Debian stable.

Well if it is security you are concerned, about then extensions and themes are what I would stay away from, most are unsigned and can give greif with the next FF version. I always backup my .mozilla folder before updating FF. Yes I share your opinion on extensions, they well may be found to be the acchilles heal of FF, and though sadly a very nice feature they do give me concern as it is the oweness of the extension writer to update it, even if FF tries to manage updating them.

The answer is very simple...

I want to go to synaptic - click on mozilla-firefox mark it, run and have all the stuff done...

I don't care too much about security updates but I want to keep my system stable and controlled by package manager... without different dependecy issues or broken stuff...

I love the Debain package management system that solves for you all the conflicts between libraries and packages...

I had enought headaches with my Windows PC when I installed programs from 20-30 different sites and... after I install program X then Y stops working...

I want one big repository that just works - and maybe one or two additional for non-official packages like acroread or w32codes...


Then when next debian will be released as stable I'll do only:

apt-get dist-upgrade

That's it...

1st, let me say that since I started using Debian, I too would not easily give up the package management system or the repositories.

Perhaps re-read Noth's Post #5 above, as long as Mozilla will not separate feature upgrades from bug & security fixes, I think your problem is insoluble in Debian Stable (Sarge).

I see several less than ideal choices for you:

• Konqueror
• Opera
• Etch
• Sid
• SimplyMEPIS
• [Ku|U]buntu

I use SimplyMEPIS for my desktops, Woody for servers. I have friends (one a Debian developer) who swear by Sid &/or [Ku|U]buntu for desktops. The idea that in Debian, stable & unstable refer to package change NOT package stability.

So, is this a desktop or a server we are discussing?