LinuxQuestions.org
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   Mozilla Firefox ESR update in Slackware-14.2 (https://www.linuxquestions.org/questions/slackware-14/mozilla-firefox-esr-update-in-slackware-14-2-a-4175682177/)

arcctgx 09-15-2020 03:53 PM
Mozilla Firefox ESR update in Slackware-14.2
 
Hi,

The version of Mozilla Firefox currently available in -14.2 is 68.12.0 ESR, which is the last version for 68.x ESR branch. That branch is now EOL, security fixes will now be merged to 78.x ESR branch, with 78.3 ESR scheduled for release on September 22nd [1].

Does anyone know if we can expect an update of Firefox to 78.x ESR branch?

[1] https://wiki.mozilla.org/Release_Management/Calendar

Didier Spaier 09-15-2020 04:28 PM
Quote:
Originally Posted by arcctgx (Post 6166218)
Does anyone know if we can expect an update of Firefox to 78.x ESR branch?
We certainly can, but we probably won't know when until the new version appears in a ChangeLog like this one. Upgrading could need some preparation, cf. these Release Notes.

drumz 09-15-2020 05:16 PM
Quote:
Originally Posted by arcctgx (Post 6166218)
Does anyone know if we can expect an update of Firefox to 78.x ESR branch?
Let's examine the 14.2 Changelog:

Code:
+--------------------------+
Wed Jul 10 20:13:44 UTC 2019
patches/packages/mozilla-firefox-68.0esr-x86_64-1_slack14.2.txz: Upgraded.
      This release contains security fixes and improvements. Some of the patched
      flaws are considered critical, and could be used to run attacker code and
      install software, requiring no user interaction beyond normal browsing.
      For more information, see:
      https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
      https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9811
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11711
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11712
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11713
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11729
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11715
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11717
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11719
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11730
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11709
      (* Security fix *)
patches/packages/rust-1.36.0-x86_64-1_slack14.2.txz: Upgraded.
      Upgraded to the latest Rust compiler for Firefox 68.0.
+--------------------------+
Fri Jun 21 06:12:11 UTC 2019
patches/packages/mozilla-firefox-60.7.2esr-x86_64-1_slack14.2.txz: Upgraded.
      This release contains security fixes and improvements.
      For more information, see:
      https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
      https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/
      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11708
      (* Security fix *)
+--------------------------+
Thu Sep 6 05:28:05 UTC 2018
Hey folks, in light of Firefox 52.x ESR reaching EOL a few hours ago, I'm
providing some updates. This required adding Rust and a newer version of
LLVM as optional updates for Slackware 14.2. And in case it doesn't work
for you (perhaps there's an extension you need that's not supported by 60.x
ESR), the last Firefox and Thunderbird 52.x EST have been moved to /pasture
as a fallback. If there are any more updates to those (but I don't think
there will be), I'll make those updates in /pasture as well.
pasture/mozilla-firefox-52.9.0esr-x86_64-1_slack14.2.txz: Added.
      Moved here from patches/packages/.
patches/packages/llvm-6.0.1-x86_64-1_slack14.2.txz: Upgraded.
      This upgrade to LLVM is provided because Firefox and Thunderbird require
      a newer version than what was shipped with Slackware 14.2. The libLLVM
      shared library from llvm-3.8.0 is also included in this package, so it
      should be safe to upgrade on Slackware 14.2 systems without breaking
      anything, but unless you are planning to recompile Firefox or Thunderbird,
      or you need a newer version of LLVM for some reason, it is optional.
patches/packages/mozilla-firefox-60.2.0esr-x86_64-1_slack14.2.txz: Upgraded.
      This release contains security fixes and improvements.
      For more information, see:
      https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
      (* Security fix *)
patches/packages/rust-1.28.0-x86_64-1_slack14.2.txz: Added.
      Since Rust is now a requirement to compile Firefox and Thunderbird we
      are adding it here. Unless you will need to recompile those (or need to
      compile other code written in Rust), it is an optional addition.
+--------------------------+
Sat Aug 6 19:29:16 UTC 2016
patches/packages/mozilla-firefox-45.3.0esr-x86_64-1_slack14.2.txz: Upgraded.
      This release contains security fixes and improvements.
      For more information, see:
      http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
      (* Security fix *)
+--------------------------+
Thu Jun 30 20:26:57 UTC 2016
Slackware 14.2 x86_64 stable is released!

The long development cycle (the Linux community has lately been living in
"interesting times", as they say) is finally behind us, and we're proud to
announce the release of Slackware 14.2. The new release brings many updates
and modern tools, has switched from udev to eudev (no systemd), and adds
well over a hundred new packages to the system. Thanks to the team, the
upstream developers, the dedicated Slackware community, and everyone else
who pitched in to help make this release a reality.

The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.

Have fun! :-)
+--------------------------+
What do you think?

arcctgx 09-15-2020 05:21 PM
Quote:
Originally Posted by Didier Spaier (Post 6166228)
Upgrading could need some preparation, cf. these Release Notes.
Hopefully that won't be as bad as the upgrade from pre-WebExtensions version. That was horrible user experience all around.

Quote:
Originally Posted by drumz (Post 6166237)
Let's examine the 14.2 Changelog:
Yeah, I just looked through the -14.2 ChangeLog and it seems Patrick has normally switched to new ESR versions once they became available. I'm not sure why I thought I should ask this question... Maybe because upgrade from 52.9 was somehow special. I don't remember the details.

Nevermind, let's wait for the official announcement.

djunzu 09-29-2020 04:26 PM
A few years ago Patrick did not switched to the last Firefox ESR. I don't remember which Slackware version.
And I remember I had a lot of trouble to get around this...
Have you ever tried to compile Firefox? With less than 4GB RAM!? oh man!

It seems there will be no ESR 78 for Slackware 14.2...

For me the best option is change to Slackware current.

Gordie 09-29-2020 05:54 PM
Since ESR releases are in lockstep with non-ESR as far as Firefox goes what is the attraction? I just see the ESR release in the Changelog and go get what Ruario's script gets me.

arcctgx 11-16-2020 07:03 PM
About six weeks passed, but an update is nowhere in sight. :(

I understand that the main focus seems to be development of -current, but nowadays a web browser is a fundamental component of a desktop OS. It feels strange that a stable branch of a Linux distribution doesn't provide security updates for a major web browser. Is there some technical issue which prevents updating Firefox to a supported ESR version on Slackware64-14.2 branch?

deNiro 11-16-2020 11:24 PM
Salix 14.2 ( which is binary compatible with slackware 14.2) has version 78.4.1esr, which is the latest of that branch, available. And You can find the mozilla-firefox-78.5.0esr-x86_64-1gv.txz package in the Salix mirrors, for example over here https://ftp.nluug.nl/os/Linux/distr/...4.2/salix/xap/, or on one of the other mirrors

arcctgx 11-21-2020 05:41 PM
Quote:
Originally Posted by deNiro (Post 6186078)
Salix 14.2 ( which is binary compatible with slackware 14.2) has version 78.4.1esr
So if I understand correctly that implies there are no technical issues that would prevent shipping currently supported Firefox ESR branch in Slackware-14.2?

If that's the case I just can't understand why Slackware-14.2 has not received an update so far.

upnort 11-21-2020 05:52 PM
Quote:
If that's the case I just can't understand why Slackware-14.2 has not received an update so far.
I haven't looked, but perhaps the reason is FF 78 won't compile on a stock 14.2 system?

deNiro 11-21-2020 06:02 PM
Quote:
Originally Posted by upnort (Post 6187640)
I haven't looked, but perhaps the reason is FF 78 won't compile on a stock 14.2 system?
As mentioned in my previous post, Salix 14.2 , wich is fully binary compatible with slackware 14.2 provides firefox ESR 78 branch. You can download it from them (check links in previous post), and it will work on slackware, since Salix 14.2 is basicly slackware 14.2. This shows that FF78 will compile on slackware 14.2. But you can surely ignore this post if you are a purist.

arcctgx 11-21-2020 06:11 PM
Quote:
Originally Posted by deNiro (Post 6187642)
But you can surely ignore this post if you are a purist.
Sorry if it appears as if I'm ignoring your advice - actually I'm tempted to try this Salix package. And the information you provided is relevant and helpful.

But what I'm really trying to achieve is to bring this subject to the attention of the Slackware devs who surely visit this forum. As Slackware has no official bug tracker, it looks like the only way to do it.

bassmadrigal 11-21-2020 07:11 PM
Quote:
Originally Posted by deNiro (Post 6187642)
As mentioned in my previous post, Salix 14.2 , wich is fully binary compatible with slackware 14.2 provides firefox ESR 78 branch. You can download it from them (check links in previous post), and it will work on slackware, since Salix 14.2 is basicly slackware 14.2. This shows that FF78 will compile on slackware 14.2. But you can surely ignore this post if you are a purist.
It might require additional software or updated libraries to compile on a "stock" 14.2 system, which is how Pat does all his builds.

@OP, really, the easiest thing to do is just use ruario's latest-firefox.sh script. It can grab the latest nightly, stable, or ESR.

Code:
wget https://gist.github.com/ruario/9672798/raw/8838b901c411289c7780d68eadeb8f655c9d46c2/latest-firefox.sh
FFESR=Y sh latest-firefox.sh -i
This will download the latest ESR, package it in a Slackware package, and install it.

I would probably recommend running the following sed against the latest-firefox.sh script, which will make it so any upgrades won't leave you with a new profile:

Code:
sed -i 's|X/firefox-$VERSION|X/firefox-$FFCHANNEL|g' latest-firefox.sh

upnort 11-21-2020 08:05 PM
Binary compatibility does not mean the Salix package is compiled using a stock Slackware. For example, compiling Firefox depends on Rust, but Rust is not a run-time requirement. Possibly the Salix folks bumped their version of Rust or other dependencies for building Firefox.

Conversely, Pat could be in Honey Badger mode. :)

deNiro 11-21-2020 09:27 PM
Well, I guess I misinterpreted the post of the topic starter. I assumed he was worried about FF68 branch being EOL, and that he wanted to run Firefox78 branch on his slackware 14.2 installation. But it was actually about the development of the package and/or the building process. I think I am getting too old :P


All times are GMT -5. The time now is 12:01 AM.
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page