Mr. Volkerding, please don't forget about security updates
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
100 vulnerabilities are discovered in Firefox every year
In that case, shouldn't you be directing your sneer towards Mozilla instead?
Defective software is the responsibility of those who write it. As an aspiring professional programmer, you ought to know this. And, if certain FOSS businesses and organisations keep producing defective software, perhaps the solution is to stop shipping it, until they can come up with something that doesn't fall victim to two vulnerabilities every week of the year.
OP may be generally trolling around here, but in this case it's an absolutely solid point. According to packages.slackware.com, Slackware stable is still shipping Firefox 68.12.0, released August 25th 2020! If you care even a bit about security that is just not viable. For another example from stable see openssl-1.0.2u, which upstream hasn't supported for yonks: "All older versions (including 1.1.0, 1.0.2, 1.0.0 and 0.9.8) are now out of support and should not be used". It's been years since I considered Slackware stable to be an option, sad to see (especially when SBo remains tethered to it)!
In that case, shouldn't you be directing your sneer towards Mozilla instead?
Defective software is the responsibility of those who write it. As an aspiring professional programmer, you ought to know this. And, if certain FOSS businesses and organisations keep producing defective software, perhaps the solution is to stop shipping it, until they can come up with something that doesn't fall victim to two vulnerabilities every week of the year.
None of what you say is true.
The rule of thumb for widely used and well-tested software is 1 defect per 1kloc.
For browsers, servers, etc., many of these become vulnerabilities, if discovered. You do the math.
Lastly, no developer is required to fix outdated versions. That's an utterly delusional expectation.
And, if certain FOSS businesses and organisations keep producing defective software, perhaps the solution is to stop shipping it, until they can come up with something that doesn't fall victim to two vulnerabilities every week of the year.
You will be using wget and then staring at the HTML in vim.
Because Chrome gets twice as many vulns discovered a year.
A typical one is not limited to an OS or recent versions.
Slackware released 0 updates to it in 2021.
What are these then?
Code:
+--------------------------+
Thu Nov 4 04:43:31 UTC 2021
xap/mozilla-firefox-91.3.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.3.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2021-49/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38505
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38510
(* Security fix *)
+--------------------------+
Wed Oct 6 00:02:15 UTC 2021
xap/mozilla-firefox-91.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.2.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2021-45/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38497
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38498
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38501
(* Security fix *)
+--------------------------+
Mon Sep 6 18:55:54 UTC 2021
xap/mozilla-firefox-91.1.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.1.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2021-40/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38492
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38495
(* Security fix *)
+--------------------------+
Tue Aug 17 20:08:40 UTC 2021
xap/mozilla-firefox-91.0.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.0.1/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2021-37/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29991
(* Security fix *)
+--------------------------+
Mon Aug 16 05:28:16 UTC 2021
xap/mozilla-firefox-91.0-x86_64-1.txz: Upgraded.
New ESR release :-)
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2021-33/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29981
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29987
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29982
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29990
(* Security fix *)
+--------------------------+
Mon Jul 12 19:17:02 UTC 2021
xap/mozilla-firefox-90.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/90.0/releasenotes/
(* Security fix *)
+--------------------------+
Wed Jun 16 01:06:18 UTC 2021
xap/mozilla-firefox-89.0.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/89.0.1/releasenotes/
(* Security fix *)
+--------------------------+
Wed May 5 19:56:53 UTC 2021
xap/mozilla-firefox-88.0.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/88.0.1/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2021-20/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29953
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29952
(* Security fix *)
+--------------------------+
Mon Apr 19 21:40:04 UTC 2021
xap/mozilla-firefox-88.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/88.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2021-16/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23997
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29944
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29947
(* Security fix *)
+--------------------------+
Wed Mar 24 04:29:15 UTC 2021
xap/mozilla-firefox-87.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/87.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23985
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23986
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23988
(* Security fix *)
+--------------------------+
Mon Feb 22 20:58:01 UTC 2021
xap/mozilla-firefox-78.8.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.8.0/releasenotes/
(* Security fix *)
+--------------------------+
Fri Feb 5 21:18:59 UTC 2021
xap/mozilla-firefox-78.7.1esr-x86_64-1.txz: Upgraded.
This release contains a security fix.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.7.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/#MOZ-2021-0001
(* Security fix *)
+--------------------------+
Mon Jan 25 20:42:50 UTC 2021
xap/mozilla-firefox-78.7.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.7.0/releasenotes/
(* Security fix *)
+--------------------------+
Wed Jan 6 22:59:38 UTC 2021
xap/mozilla-firefox-78.6.1esr-x86_64-1.txz: Upgraded.
This release contains a security fix:
A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet
in a way that potentially resulted in a use-after-free. We presume that with
enough effort it could have been exploited to run arbitrary code.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.6.1/releasenotes/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16044
(* Security fix *)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.