subject:"Re\: Firefox 52.0.1\: CVE\-2017\-5428"

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-22 Thread Bojan Smojver

Thanks Martin!

A push to testing repo would also be highly appreciated. :-)

--
Bojan
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-22 Thread Gerald B. Cox

On Wed, Mar 22, 2017 at 2:21 AM, Martin Stransky 
wrote:

> Sorry I overlooked this one. Builds are in koji now, firefox-52.0-6.



Thanks, installed.  Works great!
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-22 Thread Matthew Miller

On Wed, Mar 22, 2017 at 07:22:58PM +0100, Marcus Karlsson wrote:
> I know of several sites that use Ubuntu with the universe component
> disabled and only use packages from main specifically because they are
> well-supported by the security team. That does not necessarily make up a
> majority of their users, but it's definitely a reason why some people
> use it.

Unless there is an actionable suggestion for something Fedora could
learn from and thereby improve our development processes or policies,
let's please avoid a big off-topic thread. Thanks.


-- 
Matthew Miller

Fedora Project Leader
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-22 Thread Marcus Karlsson

On Wed, Mar 22, 2017 at 11:59:51AM +0100, Jiri Eischmann wrote:
> Greg Evenden píše v St 22. 03. 2017 v 02:26 +:
> > might as well use Google-Chrome , Least one doesnt have to WAIT a
> > year or so for a Update to a security Bug thats pretty serious, an ya
> > wonder why more users use UBUNTU 
> 
> Sure, someone who can't wait a couple of days for a fix (I'm not saying
> it's not a valid concern) will use Ubuntu with thousands of
> unmaintained packages in universe with tons of unfixed security issues
> :)
> I don't think security is the reason why people choose it over other
> distributions.

I know of several sites that use Ubuntu with the universe component
disabled and only use packages from main specifically because they are
well-supported by the security team. That does not necessarily make up a
majority of their users, but it's definitely a reason why some people
use it.

Marcus
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-22 Thread M. Edward (Ed) Borasky

On Wed, Mar 22, 2017 at 4:09 AM Jiri Eischmann  wrote:

> I'd like to point out that the last build was done on Sept 20. Yes, 7
> months ago. So it has probably its own fair share of unfixed CVEs and
> thus it should really not be recommended to use.
>
> If you'd like to have the latest Firefox immediately, you can use our
> Flatpak repo where we really build Firefox Nightly every single day:
> https://firefox-flatpak.mojefedora.cz/
>
> Thanks! I've been testing the Mozilla Firefoxes for a while but would be
happy to test the Flatpak versions as well.

I don't want to turn this into a Fedora vs. Ubuntu thread, but if someone
wants to start one I'd be happy to toss in my (n - 1) cents. ;-)
-- 
How many people can stand on the shoulders of a giant before the giant
collapses?
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-22 Thread Jiri Eischmann

Pavel Valena píše v St 22. 03. 2017 v 04:36 -0400:
> - Original Message -
> > From: "Greg Evenden" <gre...@fedoraproject.org>
> > To: devel@lists.fedoraproject.org
> > Sent: Wednesday, March 22, 2017 3:26:48 AM
> > Subject: Re: Firefox 52.0.1: CVE-2017-5428
> > 
> > > Does anyone know whether the fix for this problem is already in
> > > F25
> > > builds of FF or should a new build be prepared and pushed to fix
> > > this?
> > > 
> > > See: https://bugzilla.redhat.com/show_bug.cgi?id=1433819
> > 
> > might as well use Google-Chrome , Least one doesnt have to WAIT a
> > year or so
> > for a Update to a security Bug thats pretty serious, an ya wonder
> > why more
> > users use UBUNTU
> 
> You can try copr:
> https://copr.fedorainfracloud.org/coprs/jackgreiner/firefox-trunk/
> 
> I did not test it thoroughly, but the trunk/nightly version seems to
> work fine.

I'd like to point out that the last build was done on Sept 20. Yes, 7
months ago. So it has probably its own fair share of unfixed CVEs and
thus it should really not be recommended to use.

If you'd like to have the latest Firefox immediately, you can use our
Flatpak repo where we really build Firefox Nightly every single day:
https://firefox-flatpak.mojefedora.cz/

Jiri

signature.asc
Description: This is a digitally signed message part
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-22 Thread Jiri Eischmann

Greg Evenden píše v St 22. 03. 2017 v 02:26 +:
> might as well use Google-Chrome , Least one doesnt have to WAIT a
> year or so for a Update to a security Bug thats pretty serious, an ya
> wonder why more users use UBUNTU 

Sure, someone who can't wait a couple of days for a fix (I'm not saying
it's not a valid concern) will use Ubuntu with thousands of
unmaintained packages in universe with tons of unfixed security issues
:)
I don't think security is the reason why people choose it over other
distributions.

Jiri 

signature.asc
Description: This is a digitally signed message part
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-22 Thread Kevin Kofler

Greg Evenden wrote:
> might as well use Google-Chrome , Least one doesnt have to WAIT a year or
> so for a Update to a security Bug thats pretty serious, an ya wonder why
> more users use UBUNTU

"A year or so"??? The bug report is only 3 days old!

Kevin Kofler
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-22 Thread Martin Stransky


On 03/22/2017 01:22 AM, Bojan Smojver wrote:

Does anyone know whether the fix for this problem is already in F25
builds of FF or should a new build be prepared and pushed to fix this?

See: https://bugzilla.redhat.com/show_bug.cgi?id=1433819



Sorry I overlooked this one. Builds are in koji now, firefox-52.0-6.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-22 Thread Pavel Valena

- Original Message -
> From: "Greg Evenden" <gre...@fedoraproject.org>
> To: devel@lists.fedoraproject.org
> Sent: Wednesday, March 22, 2017 3:26:48 AM
> Subject: Re: Firefox 52.0.1: CVE-2017-5428
> 
> > Does anyone know whether the fix for this problem is already in F25
> > builds of FF or should a new build be prepared and pushed to fix this?
> > 
> > See: https://bugzilla.redhat.com/show_bug.cgi?id=1433819
> might as well use Google-Chrome , Least one doesnt have to WAIT a year or so
> for a Update to a security Bug thats pretty serious, an ya wonder why more
> users use UBUNTU

You can try copr:
https://copr.fedorainfracloud.org/coprs/jackgreiner/firefox-trunk/

I did not test it thoroughly, but the trunk/nightly version seems to work fine.

Pavel Valena
Associate Software Engineer
Brno, Czech Republic

RED HAT | TRIED. TESTED. TRUSTED.
All of the airlines in the Fortune Global 500 rely on Red Hat.
Find out why at Trusted | Red Hat

<http://www.redhat.com/en/about/trusted>
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

2017-03-21 Thread Greg Evenden

> Does anyone know whether the fix for this problem is already in F25
> builds of FF or should a new build be prepared and pushed to fix this?
> 
> See: https://bugzilla.redhat.com/show_bug.cgi?id=1433819
might as well use Google-Chrome , Least one doesnt have to WAIT a year or so 
for a Update to a security Bug thats pretty serious, an ya wonder why more 
users use UBUNTU 
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: Firefox 52.0.1: CVE-2017-5428

Re: Firefox 52.0.1: CVE-2017-5428

Re: Firefox 52.0.1: CVE-2017-5428

Re: Firefox 52.0.1: CVE-2017-5428

Re: Firefox 52.0.1: CVE-2017-5428

Re: Firefox 52.0.1: CVE-2017-5428

Re: Firefox 52.0.1: CVE-2017-5428

Re: Firefox 52.0.1: CVE-2017-5428

Re: Firefox 52.0.1: CVE-2017-5428

Re: Firefox 52.0.1: CVE-2017-5428

Re: Firefox 52.0.1: CVE-2017-5428

11 matches

Site Navigation

Mail list logo

Footer information