Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Tue, Mar 14, 2017 at 09:57:12AM +0100, Martin Husemann wrote: > On Tue, Mar 14, 2017 at 01:16:35AM +0700, Robert Elz wrote: > > A Vague memory from the distant past suggests that the thing to try > > is to move aside the .mozilla directory, and allow the new firefox > > to start in a completely clean environment. > > Yes, this is a generic "firefox shows strange symptoms" debuggin advice. > > Alternatively you can run: firefox -P > and create a brand new profile for testing. If that works better, something > in your old profile is broken. AND: remove and rebuild your fontconfig related directories. > Also testin without any plugins/addons is always a good idea. Another tip: I think I've needed to manipulate the stack limits in the past, to make firefox run. Too big stack was bad, because threading allocated multiple versions of it. Don't know if this is still relevant - my current login.conf on a related machine has stacksize-cur=4M -is
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Tue, Mar 14, 2017 at 01:16:35AM +0700, Robert Elz wrote: > A Vague memory from the distant past suggests that the thing to try > is to move aside the .mozilla directory, and allow the new firefox > to start in a completely clean environment. Yes, this is a generic "firefox shows strange symptoms" debuggin advice. Alternatively you can run: firefox -P and create a brand new profile for testing. If that works better, something in your old profile is broken. Also testin without any plugins/addons is always a good idea. Martin
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
Marco Beishuizen wrote: > I'm experiencing the same problems on the ESR versions. So I'm guessing > it's a specific i386 problem and not a version problem. It's also not a > recent problem but happening for several months now. I recall the same thing on the first day after building FF45 (on amd64); it doesn't appear anymore for some reason. No data corruption, just core dumps. -- Cág
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
A Vague memory from the distant past suggests that the thing to try is to move aside the .mozilla directory, and allow the new firefox to start in a completely clean environment. I kind of recall that continuous startup problems, which only affect some users, tend to be related to data somewhere in there (I have no idea which data) something isn't the way the new version expects it, and all kinds of problems ensue. If your old version is still working, you should probably have it export everything possible that you can first (bookmarks, etc) so that if the new one works in a clean environment you can import as much of what you'd hope to retain as possibble. Of course, this might all be a red herring, so don't destroy the old .mozilla directory, just move it, so it coudl be replaced if this turns out not to be the problem (also so that it can be replaced if you decide to revert to the old version.) kre
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
"J. Lewis Muir"writes: > > Do you actually use that version for everyday use? According to [1], > there are many security vulnerabilities that have been fixed since > Firefox 47, and I would bet many of those vulnerabilities exist in > Firefox 47. That's OK to you? > Yes, I use it everyday. It's not ok to me, but I realize the security risk and feel there aren't other good browser options. I also realize NetBSD is a volunteer project, and I'm not trying to denigrate anyone, but there are lots of other vulnerabilities in stable pkgsrc now. At the moment, I've got about ~270 packages installed with about 100 different vulnerabilities, so having a few for a working firefox doesn't seem like a big deal. Kind Regards >lintpkgsrc -i Scan Makefiles: .. Bogus: ${DISTNAME:tl:S/_pl//}-0.1 (from /usr/pkgsrc/devel/calltree-perl/Makefile) Bogus: ${KBUILDNAME:tl}-0.1.9998.8.2814.25 (from /usr/pkgsrc/devel/kbuild/Makefile) 14960 packages Version mismatch: 'firefox' 47.0.1 vs 50.1.0 Installed vulnerable packages: Package jpeg-9b has a multiple-vulnerabilities vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3616 Package jasper-1.900.29nb1 has a unspecified vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9560 Package jasper-1.900.29nb1 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5498 Package jasper-1.900.29nb1 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5499 Package jasper-1.900.29nb1 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5500 Package jasper-1.900.29nb1 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5501 Package jasper-1.900.29nb1 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5502 Package jasper-1.900.29nb1 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5503 Package jasper-1.900.29nb1 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5504 Package openjpeg-2.1.2 has a null-pointer-bug vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9114 Package openjpeg-2.1.2 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9117 Package openjpeg-2.1.2 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9115 Package openjpeg-2.1.2 has a buffer-overflow vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9118 Package openjpeg-2.1.2 has a null-pointer-bug vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9113 Package openjpeg-2.1.2 has a null-pointer-bug vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9116 Package openjpeg-2.1.2 has a floating-point-exception vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9112 Package libarchive-3.2.1nb2 has a denial-of-service vulnerability, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5601 Package libarchive-3.2.1nb2 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8689 Package libarchive-3.2.1nb2 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8687 Package libarchive-3.2.1nb2 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8688 Package pcre-8.39 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6004 Package policykit-0.9nb20 has a integer-overflow vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4625 Package policykit-0.9nb20 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3218 Package policykit-0.9nb20 has a privilege-escalation vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3255 Package policykit-0.9nb20 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3256 Package zziplib-0.13.59 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5974 Package zziplib-0.13.59 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5975 Package zziplib-0.13.59 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5976 Package zziplib-0.13.59 has a denial-of-service vulnerability, see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5977 Package zziplib-0.13.59 has a denial-of-service
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Mon, Mar 13, 2017 at 05:11:59PM +0100, Marco Beishuizen wrote: > On Mon, 13 Mar 2017, the wise co...@sdf.org wrote: > > > Mozilla maintains an 'Extended Support Release' which has security fixes > > backported to it, so it will be a better choice for such cases. > > Currently, it is www/firefox45 - it is updated whenever www/firefox is, > > containing fixes for the same vulnerabilities. Soon firefox52 (current > > non-ESR version) will become ESR. > > I'm experiencing the same problems on the ESR versions. So I'm guessing it's > a specific i386 problem and not a version problem. It's also not a recent > problem but happening for several months now. FWIW, I'm running current on a pretty old (Asus P4B533, P4 2.26GHz 2Gb mem) machine. Had one (known) problem with FF 51 that created coredumps at exit time. That bug is fixed in FF 52. Another problem with certain recent FF versions (the ones after FF 45 where gfx.xrender.enabled changed to false by default) was that when visiting a site with huge images the xorg process suddenly got to (and stayed at) 80% CPU or so. At the moment both FF 45 (compiled with GTK2) and FF 52 (compiled with GTK3) work fine for me on everything I throw at it. Onno
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Mon, 13 Mar 2017, the wise co...@sdf.org wrote: Mozilla maintains an 'Extended Support Release' which has security fixes backported to it, so it will be a better choice for such cases. Currently, it is www/firefox45 - it is updated whenever www/firefox is, containing fixes for the same vulnerabilities. Soon firefox52 (current non-ESR version) will become ESR. I'm experiencing the same problems on the ESR versions. So I'm guessing it's a specific i386 problem and not a version problem. It's also not a recent problem but happening for several months now. Regards, Marco -- ... a thing called Ethics, whose nature was confusing but if you had it you were a High-Class Realtor and if you hadn't you were a shyster, a piker and a fly-by-night. These virtues awakened Confidence and enabled you to handle Bigger Propositions. But they didn't imply that you were to be impractical and refuse to take twice the value for a house if a buyer was such an idiot that he didn't force you down on the asking price. -- Sinclair Lewis, "Babbitt"
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Mon, 13 Mar 2017, the wise Martin Husemann wrote: If anyone has receipes to easily make it crash, please send-pr! Debugging often is simple, if you can reproduce it. I'll fire off an i386 build with debug info tonight... I'm unable to pinpoint the problem because FF crashes on every site it opens and after a few seconds of use, even on the preferences and add-ons windows. Regards, Marco -- TO THOSE OF YOU WHO DESIRE IT, I GRANT YOU MADRAK'S BLESSING: Insofar as I may be heard by anything, which may or may not care what I say, I ask, if it matters, that you be forgiven for anything you may have done or failed to do which requires forgiveness. Conversely, if not forgiveness but something else be required to insure any possible benefit for which you may be eligible after the destruction of your body, I ask that this, whatever it may be, be granted or withheld, as the case may be, in such a manner as to insure your receiving said benefit. I ask this in my capacity as your elected intermediary between yourself and that which may have an interest in the matter of your receiving as much as it is possible for you to receive of this thing, and which may in some way be influenced by this ceremony. Amen. -- Roger Zelazny, "Creatures of Light and Darkness", 1969
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Mon, Mar 13, 2017 at 10:24:44AM -0500, J. Lewis Muir wrote: > On 03/11, scole_mail wrote: > > Marco Beishuizenwrites: > > > > > > It's on NetBSD/i386 7.0.2. > > > > I guess I've also been having that same issue on i386 for awhile. The > > last stable version that worked for me was firefox-47.0.1 which was in > > pkgsrc-2016Q2 I believe. So I've been using that version. > > Do you actually use that version for everyday use? According to [1], > there are many security vulnerabilities that have been fixed since > Firefox 47, and I would bet many of those vulnerabilities exist in > Firefox 47. That's OK to you? Mozilla maintains an 'Extended Support Release' which has security fixes backported to it, so it will be a better choice for such cases. Currently, it is www/firefox45 - it is updated whenever www/firefox is, containing fixes for the same vulnerabilities. Soon firefox52 (current non-ESR version) will become ESR.
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
If anyone has receipes to easily make it crash, please send-pr! Debugging often is simple, if you can reproduce it. I'll fire off an i386 build with debug info tonight... Martin
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Sat, Mar 11, 2017 at 06:19:55PM -0800, scole_mail wrote: > Marco Beishuizenwrites: > > > > It's on NetBSD/i386 7.0.2. > > I guess I've also been having that same issue on i386 for awhile. The > last stable version that worked for me was firefox-47.0.1 which was in > pkgsrc-2016Q2 I believe. So I've been using that version. Possibly unrelated but was the cause of similar issues in the past: things having stack unaligned on i386 only and needing -mstackrealign (especially things with human-written asm, and a lot of video decoding stuff like ffmpeg3 is like that). I'm not sure if it's kind enough to let you know it's dying with SIGBUS. I'd blindly apply -mstackrealign to everything to see if it helps (via /etc/mk.conf)
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
Marco Beishuizenwrites: > > It's on NetBSD/i386 7.0.2. I guess I've also been having that same issue on i386 for awhile. The last stable version that worked for me was firefox-47.0.1 which was in pkgsrc-2016Q2 I believe. So I've been using that version. I think these are the commands I used to roll back to that version and rebuild it with pkgsrc=pkgsrc-2016Q4, and firefox=pkgsrc-2016Q2 cd .../pkgsrc/www/firefox cvs -q update -dP -r pkgsrc-2016Q2 bmake install bmake clean # revert sources back to pkgsrc-2016Q4 cvs -q update -dP -r pkgsrc-2016Q4 I don't know if this method will work if you are using current pkgsrc. Thanks
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Sat, 11 Mar 2017, the wise Martin Husemann wrote: On what architecture is that? It's on NetBSD/i386 7.0.2. -- This is the LAST time I take travel suggestions from Ray Bradbury!
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Sat, Mar 11, 2017 at 10:24:00PM +0100, Marco Beishuizen wrote: > Unfortunately just as crashy as before (segmentation fault on random sites, > and in preferences and add-ons tabs). Switching to another browser for now. On what architecture is that? Martin
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Sat, 11 Mar 2017, the wise Martin Husemann wrote: On Sat, Mar 11, 2017 at 09:06:03PM +0100, Marco Beishuizen wrote: I'm rebuilding it as we speak with the suggested option so I'm hoping that it's a bit more than just a logo thing. No, it is just the logo. Unfortunately just as crashy as before (segmentation fault on random sites, and in preferences and add-ons tabs). Switching to another browser for now. Regards, Marco -- We are all born charming, fresh and spontaneous and must be civilized before we are fit to participate in society. -- Judith Martin, "Miss Manners' Guide to Excruciatingly Correct Behaviour"
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Sat, Mar 11, 2017 at 09:06:03PM +0100, Marco Beishuizen wrote: > I'm rebuilding it as we speak with the suggested option so I'm hoping that > it's a bit more than just a logo thing. No, it is just the logo. Martin
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Sat, 11 Mar 2017, the wise co...@sdf.org wrote: To add to what jak said, it is the stable version. It just lacks the trademarked Mozilla stuff like their logo. There was some drama in the past which resulted in this being a build option, you can read about it here: https://en.wikipedia.org/wiki/Mozilla_software_rebranded_by_Debian#Firefox_issue_resolution I thought the nightly version is some kind of development/testing version. The reason for my question is that the version in pkgsrc is really very unstable and crashes for no appearent reason. So next step was to test the official "release" version of FF. I'm rebuilding it as we speak with the suggested option so I'm hoping that it's a bit more than just a logo thing. Thanks for the help anyway and I'll be back when it's finished building (NetBSD on a not very fast laptop). Regards, Marco -- Ubi non accusator, ibi non judex. (Where there is no police, there is no speed limit.) -- Roman Law, trans. Petr Beckmann (1971)
Re: Installing FF 52 from pkgsrc: "stable" version instead of nightly
On Sat, Mar 11, 2017 at 05:12:19PM +0100, Marco Beishuizen wrote: > Hi, > > Installing FF from /usr/pkgsrc/www/firefox always results in the > "nightly" version of FF. But I want the regular stable/release > version. How do I do that? > > Even installing the esr version results in a nightly version. You'd need to build yourself with PKG_DEFAULT_OPTIONS+=official-mozilla-branding Jonathan Kollasch
Installing FF 52 from pkgsrc: "stable" version instead of nightly
Hi, Installing FF from /usr/pkgsrc/www/firefox always results in the "nightly" version of FF. But I want the regular stable/release version. How do I do that? Even installing the esr version results in a nightly version. Regards, Marco -- Boys are beyond the range of anybody's sure understanding, at least when they are between the ages of 18 months and 90 years. -- James Thurber