Hi, Am 10.09.2010 16:24, schrieb pistazienfresser (see profile):
Hello maintainers of Mozilla programs, hello all,
there seems to be a 'known' security related bug (potential Cross-Site Scripting Attacks) on several versions of Thunderbird and Firefox. Is it also known to you (pl.)?
You got me during vacation which delayed my answer to that. So let me describe what usually happens with Firefox and Thunderbird updates. The last round of security updates you refer to were published on Sep 7th. Exactly at that day I've published the updates in my buildservice mozilla repository which is used by a lot of people. But those are no official packages as they are just gone through my own "QA" when published. So there is low risk that they are breaking things (which would get fixed fast though). For the official openSUSE updates there is a bigger process to prepare updates. That process can only begin when Mozilla is publishing their updates as before that we cannot be sure that they don't delay them because there are blocker bugs found late. Packages are prepared at the release day, submitted and built against the openSUSE base distribution. They get QA and are released when that is finished. How long this can take varies as for example we needed another patch to compile Firefox on released distributions which wasn't noticed before. There is basically nothing you need to or can do to speed up the release process for the Mozilla apps. The only thing you can do is to include the mozilla repository to your package manager. You will get new versions basically at the same time as Mozilla releases them but you take a little more risk (which should be really only a little) of breaking something for a short period of time. Probably Marcus has more comments on that? Wolfgang -- To unsubscribe, e-mail: opensuse-factory-mozilla+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory-mozilla+help@opensuse.org