Re: Mozilla Firefox exploit
On 2015-08-07 17:08:51 -0400, Renaud OLGIATI wrote: On Fri, 7 Aug 2015 22:31:15 +0200 Vincent Lefevre vinc...@vinc17.net wrote: And Firefox cannot play some videos on Debian due to bug 729251. Found an easy way to keep up to date with Mozilla (who BTW are very good at letting you know a newer version is available): Whenever advised by Firefox that a newer version has been released (like today, 39.0.3), I download the Linux-64 version from https://download.mozilla.org/?product=firefox-39.0.3-SSLos=linux64lang=en-GB save it and untar as root it in /opt, after renaming the existing /opt/firefox/ to /opt/firefox.xx.y.z/ just in case I want/need to return to the n-1 version. But Firefox 39.0.3 doesn't solve the video problem (e.g. on vimeo). -- Vincent Lefèvre vinc...@vinc17.net - Web: https://www.vinc17.net/ 100% accessible validated (X)HTML - Blog: https://www.vinc17.net/blog/ Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150808123745.ga16...@zira.vinc17.org
Re: Mozilla Firefox exploit
On Fri, 7 Aug 2015 22:31:15 +0200 Vincent Lefevre vinc...@vinc17.net wrote: Looks like Jessie is not vulnerable. But this is an old version. :( And unfortunately the sid version, which is also fixed, is not installable due to the libstdc++6 transition, which doesn't seem to have much progress: https://release.debian.org/transitions/html/libstdc++6.html And Firefox cannot play some videos on Debian due to bug 729251. Found an easy way to keep up to date with Mozilla (who BTW are very good at letting you know a newer version is available): Whenever advised by Firefox that a newer version has been released (like today, 39.0.3), I download the Linux-64 version from https://download.mozilla.org/?product=firefox-39.0.3-SSLos=linux64lang=en-GB save it and untar as root it in /opt, after renaming the existing /opt/firefox/ to /opt/firefox.xx.y.z/ just in case I want/need to return to the n-1 version. Of course my firefox launchers have been modified to point at /opt/firefox/firefox-bin ;-3) Cheers, Ron. -- The ability to speak several languages is an admirable asset, but to be able to hold your tongue in one language is absolutely priceless. -- http://www.olgiati-in-paraguay.org -- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150807170851.69892...@ron.cerrocora.org
Mozilla Firefox exploit
Hey everyone, does anyone have news from debian security regarding the exploit on Iceweasel/Firefox that's been on the news recently? I'm wondering if I should just wait for the update or just skip it and update Iceweasel directly. -- -- []'s, Francisco M Neto
Re: Mozilla Firefox exploit
On Fri, 2015-08-07 at 13:44 -0300, Francisco M Neto wrote: Hey everyone, does anyone have news from debian security regarding the exploit on Iceweasel/Firefox that's been on the news recently? I'm wondering if I should just wait for the update or just skip it and update Iceweasel directly. You could also just set pdfjs.disabled to true in about:config -- Cheers, Sven Arvidsson http://www.whiz.se PGP Key ID 6FAB5CD5 signature.asc Description: This is a digitally signed message part
Re: Mozilla Firefox exploit
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 08/07/2015 12:44 PM, Francisco M Neto wrote: Hey everyone, does anyone have news from debian security regarding the exploit on Iceweasel/Firefox that's been on the news recently? I'm wondering if I should just wait for the update or just skip it and update Iceweasel directly. https://security-tracker.debian.org/tracker/source-package/iceweasel Looks like Jessie is not vulnerable. -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iQEcBAEBCgAGBQJVxOw1AAoJECe2FpioHXO6hT8H/jt8f+MsRLHz6PV2UuGxmP5l Cc5/4xd1xWCUL0YgOKCCwr1p/otSwVR/rQ8y3h9mQpxdWVSeQCeHN4vdF58roJVH ywGnASPyzFXMLeW2/zA7NvRxBtK/ULgXFp18hkopUtq2AdhmK5kw/dzr65iTHe4F 1bU7EzWwSnorLUi68YSwFqIsv0+uyvt0azaW/uEEPEDQD9pgJexnxTOq4sV/iFXI uwkI+XwOWYeYXJVXkDYHSefdb31SfJfQPi3s+7LZQlsfzNH2Rg1TtACkVqFQj31d IZ+XfN44eGnGHA1dZnkChCuVA+QjcmnQ5S0xv4FGCHOjMSTozv26KUAfDRyFa/w= =ohcX -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55c4ec38.4060...@rcn.com
Re: Mozilla Firefox exploit
On 2015-08-07 13:34:48 -0400, Ralph Katz wrote: https://security-tracker.debian.org/tracker/source-package/iceweasel Looks like Jessie is not vulnerable. But this is an old version. :( And unfortunately the sid version, which is also fixed, is not installable due to the libstdc++6 transition, which doesn't seem to have much progress: https://release.debian.org/transitions/html/libstdc++6.html And Firefox cannot play some videos on Debian due to bug 729251. -- Vincent Lefèvre vinc...@vinc17.net - Web: https://www.vinc17.net/ 100% accessible validated (X)HTML - Blog: https://www.vinc17.net/blog/ Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150807203115.gb12...@zira.vinc17.org