Re: Firefox 52.0.1: CVE-2017-5428
Thanks Martin! A push to testing repo would also be highly appreciated. :-) -- Bojan ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: Firefox 52.0.1: CVE-2017-5428
On Wed, Mar 22, 2017 at 2:21 AM, Martin Stranskywrote: > Sorry I overlooked this one. Builds are in koji now, firefox-52.0-6. Thanks, installed. Works great! ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: Firefox 52.0.1: CVE-2017-5428
On Wed, Mar 22, 2017 at 07:22:58PM +0100, Marcus Karlsson wrote: > I know of several sites that use Ubuntu with the universe component > disabled and only use packages from main specifically because they are > well-supported by the security team. That does not necessarily make up a > majority of their users, but it's definitely a reason why some people > use it. Unless there is an actionable suggestion for something Fedora could learn from and thereby improve our development processes or policies, let's please avoid a big off-topic thread. Thanks. -- Matthew MillerFedora Project Leader ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: Firefox 52.0.1: CVE-2017-5428
On Wed, Mar 22, 2017 at 11:59:51AM +0100, Jiri Eischmann wrote: > Greg Evenden píše v St 22. 03. 2017 v 02:26 +: > > might as well use Google-Chrome , Least one doesnt have to WAIT a > > year or so for a Update to a security Bug thats pretty serious, an ya > > wonder why more users use UBUNTU > > Sure, someone who can't wait a couple of days for a fix (I'm not saying > it's not a valid concern) will use Ubuntu with thousands of > unmaintained packages in universe with tons of unfixed security issues > :) > I don't think security is the reason why people choose it over other > distributions. I know of several sites that use Ubuntu with the universe component disabled and only use packages from main specifically because they are well-supported by the security team. That does not necessarily make up a majority of their users, but it's definitely a reason why some people use it. Marcus ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: Firefox 52.0.1: CVE-2017-5428
On Wed, Mar 22, 2017 at 4:09 AM Jiri Eischmannwrote: > I'd like to point out that the last build was done on Sept 20. Yes, 7 > months ago. So it has probably its own fair share of unfixed CVEs and > thus it should really not be recommended to use. > > If you'd like to have the latest Firefox immediately, you can use our > Flatpak repo where we really build Firefox Nightly every single day: > https://firefox-flatpak.mojefedora.cz/ > > Thanks! I've been testing the Mozilla Firefoxes for a while but would be happy to test the Flatpak versions as well. I don't want to turn this into a Fedora vs. Ubuntu thread, but if someone wants to start one I'd be happy to toss in my (n - 1) cents. ;-) -- How many people can stand on the shoulders of a giant before the giant collapses? ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: Firefox 52.0.1: CVE-2017-5428
Pavel Valena píše v St 22. 03. 2017 v 04:36 -0400: > - Original Message - > > From: "Greg Evenden" <gre...@fedoraproject.org> > > To: devel@lists.fedoraproject.org > > Sent: Wednesday, March 22, 2017 3:26:48 AM > > Subject: Re: Firefox 52.0.1: CVE-2017-5428 > > > > > Does anyone know whether the fix for this problem is already in > > > F25 > > > builds of FF or should a new build be prepared and pushed to fix > > > this? > > > > > > See: https://bugzilla.redhat.com/show_bug.cgi?id=1433819 > > > > might as well use Google-Chrome , Least one doesnt have to WAIT a > > year or so > > for a Update to a security Bug thats pretty serious, an ya wonder > > why more > > users use UBUNTU > > You can try copr: > https://copr.fedorainfracloud.org/coprs/jackgreiner/firefox-trunk/ > > I did not test it thoroughly, but the trunk/nightly version seems to > work fine. I'd like to point out that the last build was done on Sept 20. Yes, 7 months ago. So it has probably its own fair share of unfixed CVEs and thus it should really not be recommended to use. If you'd like to have the latest Firefox immediately, you can use our Flatpak repo where we really build Firefox Nightly every single day: https://firefox-flatpak.mojefedora.cz/ Jiri signature.asc Description: This is a digitally signed message part ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: Firefox 52.0.1: CVE-2017-5428
Greg Evenden píše v St 22. 03. 2017 v 02:26 +: > might as well use Google-Chrome , Least one doesnt have to WAIT a > year or so for a Update to a security Bug thats pretty serious, an ya > wonder why more users use UBUNTU Sure, someone who can't wait a couple of days for a fix (I'm not saying it's not a valid concern) will use Ubuntu with thousands of unmaintained packages in universe with tons of unfixed security issues :) I don't think security is the reason why people choose it over other distributions. Jiri signature.asc Description: This is a digitally signed message part ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: Firefox 52.0.1: CVE-2017-5428
Greg Evenden wrote: > might as well use Google-Chrome , Least one doesnt have to WAIT a year or > so for a Update to a security Bug thats pretty serious, an ya wonder why > more users use UBUNTU "A year or so"??? The bug report is only 3 days old! Kevin Kofler ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: Firefox 52.0.1: CVE-2017-5428
On 03/22/2017 01:22 AM, Bojan Smojver wrote: Does anyone know whether the fix for this problem is already in F25 builds of FF or should a new build be prepared and pushed to fix this? See: https://bugzilla.redhat.com/show_bug.cgi?id=1433819 Sorry I overlooked this one. Builds are in koji now, firefox-52.0-6. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: Firefox 52.0.1: CVE-2017-5428
- Original Message - > From: "Greg Evenden" <gre...@fedoraproject.org> > To: devel@lists.fedoraproject.org > Sent: Wednesday, March 22, 2017 3:26:48 AM > Subject: Re: Firefox 52.0.1: CVE-2017-5428 > > > Does anyone know whether the fix for this problem is already in F25 > > builds of FF or should a new build be prepared and pushed to fix this? > > > > See: https://bugzilla.redhat.com/show_bug.cgi?id=1433819 > might as well use Google-Chrome , Least one doesnt have to WAIT a year or so > for a Update to a security Bug thats pretty serious, an ya wonder why more > users use UBUNTU You can try copr: https://copr.fedorainfracloud.org/coprs/jackgreiner/firefox-trunk/ I did not test it thoroughly, but the trunk/nightly version seems to work fine. Pavel Valena Associate Software Engineer Brno, Czech Republic RED HAT | TRIED. TESTED. TRUSTED. All of the airlines in the Fortune Global 500 rely on Red Hat. Find out why at Trusted | Red Hat <http://www.redhat.com/en/about/trusted> ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: Firefox 52.0.1: CVE-2017-5428
> Does anyone know whether the fix for this problem is already in F25 > builds of FF or should a new build be prepared and pushed to fix this? > > See: https://bugzilla.redhat.com/show_bug.cgi?id=1433819 might as well use Google-Chrome , Least one doesnt have to WAIT a year or so for a Update to a security Bug thats pretty serious, an ya wonder why more users use UBUNTU ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org