On 04/24/2016 07:43 PM, ToddAndMargo wrote:
On Apr 24, 2016 20:32, "ToddAndMargo" <toddandma...@zoho.com
<mailto:toddandma...@zoho.com>> wrote:

    Hi All,

    Seems like SL7 is not keeping up with Firefox and Thunderbird
    updates anymore.  EL Linux is suppose to keep up with security
    but Red Hat obviously picks and chooses: Firefox and Thunderbird
    are typically left unpatched.

    Is there some repo out there for Firefox and Thunderbird to
    fills the gap?  Or, should I go back to using the binaries
    from releases.mozilla.org <http://releases.mozilla.org>?

    Many thanks,

On 04/24/2016 07:13 PM, Stephen John Smoogen wrote:
Why do you think they are unpatched? The Firefox and Thunderbird are
based off the upstream extended release cycle versions and not the
latest type. So the security fixes which are in ESR are there but new
features are not. If you need new features then you will need to work
from the upstream tar balls

Hi Steven,

That is just wishful thinking.  As vulnerabilities are discovered
they are not added to the ESR, or if the are, we don't see them.
Have you seen a single update come through to the current ESR?
It is set and forget.  EL picks and chooses what they will keep
up to date.  Firefox and Thunderbird ain't one of them.

Do you know of a repo that does keep Firefox and Thunderbird
up to date?  Or am I stuck with the binaries?


We are currently 38.7.0 ESR.  As far as ESR goes, it is on


Pick and choose.

Computers are like air conditioners.
They malfunction when you open windows

Reply via email to