On 04/25/2016 12:45 AM, Jarek Polok wrote:
On 04/25/2016 02:32 AM, ToddAndMargo wrote:
Hi All,
Seems like SL7 is not keeping up with Firefox and Thunderbird
updates anymore. EL Linux is suppose to keep up with security updates
but Red Hat obviously picks and chooses: Firefox and Thunderbird
are typically left unpatched.
That is incorrect, see:
# rpm -q firefox --changelog
shows:
* Thu Mar 03 2016 Jan Horak <[email protected]> - 38.7.0-1
- Update to 38.7.0 ESR
* Thu Feb 11 2016 Martin Stransky <[email protected]> - 38.6.1-1
- Update to 38.6.1 ESR
* Thu Jan 21 2016 Jan Horak <[email protected]> - 38.6.0-1
- Update to 38.6.0 ESR
* Fri Dec 11 2015 Jan Horak <[email protected]> - 38.5.0-3
- Update to 38.5.0 ESR
* Thu Oct 29 2015 Jan Horak <[email protected]> - 38.4.0-1
- Update to 38.4.0 ESR
* Tue Sep 15 2015 Jan Horak <[email protected]> - 38.3.0-2
- Update to 38.3.0 ESR
* Wed Aug 26 2015 Martin Stransky <[email protected]> - 38.2.1-1
- Update to 38.2.1 ESR
* Fri Aug 07 2015 Jan Horak <[email protected]> - 38.2.0-4
- Update to 38.2.0 ESR
* Thu Aug 06 2015 Jan Horak <[email protected]> - 38.1.1-1
- Update to 38.1.1 ESR
* Thu Jun 25 2015 Jan Horak <[email protected]> - 38.1.0-1
- Update to 38.1.0 ESR
* Fri May 15 2015 Martin Stransky <[email protected]> - 38.0.1-1
- Update to 38.0.1 ESR
so yes, there are updates for current firefox 38 ESR version.
What has been fixed is outlined here:
https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
and if you look here:
https://www.mozilla.org/en-US/firefox/organizations/faq/
it shows that there will be still one more firefox 38 ESR release:
38.8.0
before support for it is dropped. (and upstream switches to ESR 45
releases which are now in 'qualify' phase)
Best Regards
Jarek
Hi Jarek,
Take a look over here at Mozilla's chart:
https://www.mozilla.org/media/img/firefox/organizations/release-overview.2ba45c58671a.png
We are way, way behind on ESR releases. What to want to guess
that when 38.8.0 hits, that will be the end of it.
-T
-T
