Mailinglist Archive: opensuse (1218 mails)
| < Previous | Next > |
Re: [opensuse] OT - Firefox 10 relieves add-on updating pain
- From: John Andersen <jsamyth@xxxxxxxxx>
- Date: Fri, 03 Feb 2012 10:40:18 -0800
- Message-id: <4F2C2A12.1050706@gmail.com>
On 2/3/2012 9:06 AM, David C. Rankin wrote:
I fully agree. Having two choices seems rational, and most of the plugin issues
have gone away anyway by the time you get to 10.
Since every mail account I use is IMAP, swapping out one MUA for another is not
a problem. I might feel differently if I was still running POP accounts. (why
would I run pop?)
There is really not that much that OpenSuse does to stock TB anyway, other than
packaging. I seriously doubt they have the time to evaluate every line of code
in every patch, so the "security" issue is mostly bogus in my mind.
Backporting real security fixes to something as old as 3.x is just as risky as
updating to
a later build.
This seems to be a political issue, perhaps there is some friction between
Mozilla and
Opensuse. We see wholesale adoption of many things way too soon, (systemd,
entire kde 4.0,
Pulse Audio, kmail2 etc. etc. etc.) but then we are stuck multiple releases back
on Mozilla apps. Why the dichotomy?
--
_____________________________________
---This space for rent---
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx
On 02/02/2012 06:40 AM, Wolfgang Rosenauer wrote:
We are aware of the ESR releases and the lifetime of the FF3.6 and TB3.1 series.
What we haven't discussed in detail yet is if we want those and stay on them in
the official update channel for openSUSE!
Hmm...
Since opensuse isn't a rolling-release (yet), I would propose that the update repo
move to 10 and hold there for ff & tb. This will draw
howls from those whose favorite add-ons are broken by the update from 3.6->10,
but if the XSS security considerations warrant it, it is
better to have opensuse's reputation for 'security' within its 'maintained'
(not yet EOL) releases take precedent over the add-on
consideration. Other than add-ons, the upgrade path from 3.6 -> 10 is seamless.
In summary:
http://ftp5.gwdg.de/pub/opensuse/update/
(move to 10 and stick for LTS)
http://ftp5.gwdg.de/pub/opensuse/repositories/mozilla/
(continue to follow the rapid-fire releases)
You don't want distrowatch footnoting that some supported versions contain
serious vulnerabilities.
Just my take on the issue.
I fully agree. Having two choices seems rational, and most of the plugin issues
have gone away anyway by the time you get to 10.
Since every mail account I use is IMAP, swapping out one MUA for another is not
a problem. I might feel differently if I was still running POP accounts. (why
would I run pop?)
There is really not that much that OpenSuse does to stock TB anyway, other than
packaging. I seriously doubt they have the time to evaluate every line of code
in every patch, so the "security" issue is mostly bogus in my mind.
Backporting real security fixes to something as old as 3.x is just as risky as
updating to
a later build.
This seems to be a political issue, perhaps there is some friction between
Mozilla and
Opensuse. We see wholesale adoption of many things way too soon, (systemd,
entire kde 4.0,
Pulse Audio, kmail2 etc. etc. etc.) but then we are stuck multiple releases back
on Mozilla apps. Why the dichotomy?
--
_____________________________________
---This space for rent---
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx
| < Previous | Next > |