[opensuse-security] Re: [security-announce] openSUSE-SU-2015:1658-1: important: Security update for MozillaFirefox
opensuse-security@opensuse.org wrote:
openSUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:1658-1 Rating: important References: #947003 Cross-References: CVE-2015-4476 CVE-2015-4500 CVE-2015-4501 CVE-2015-4502 CVE-2015-4503 CVE-2015-4504 CVE-2015-4505 CVE-2015-4506 CVE-2015-4507 CVE-2015-4508 CVE-2015-4509 CVE-2015-4510 CVE-2015-4511 CVE-2015-4512 CVE-2015-4516 CVE-2015-4517 CVE-2015-4519 CVE-2015-4520 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7178 CVE-2015-7179 CVE-2015-7180
Affected Products: openSUSE 13.2 openSUSE 13.1 ______________________________________________________________________________
An update that fixes 27 vulnerabilities is now available.
Why are the updates for Firefox and Chromium tracked continuously, while Seamonkey is updated only very occasionally? The version on openSUSE 13.1 is still 2.33.1 and Seamonkey complains it is outdated. Regards, Rob Janssen -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
Rob Janssen wrote:
opensuse-security@opensuse.org wrote:
openSUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:1658-1 Rating: important References: #947003 Cross-References: CVE-2015-4476 CVE-2015-4500 CVE-2015-4501 CVE-2015-4502 CVE-2015-4503 CVE-2015-4504 CVE-2015-4505 CVE-2015-4506 CVE-2015-4507 CVE-2015-4508 CVE-2015-4509 CVE-2015-4510 CVE-2015-4511 CVE-2015-4512 CVE-2015-4516 CVE-2015-4517 CVE-2015-4519 CVE-2015-4520 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7178 CVE-2015-7179 CVE-2015-7180 Affected Products: openSUSE 13.2 openSUSE 13.1 ______________________________________________________________________________
An update that fixes 27 vulnerabilities is now available.
Why are the updates for Firefox and Chromium tracked continuously, while Seamonkey is updated only very occasionally? The version on openSUSE 13.1 is still 2.33.1 and Seamonkey complains it is outdated.
Good question. Especially since Seamonkey 2.38 was released a couple of days ago which is AFAIK based on the same components like Firefox 41. So if Firefox 41 is an important security update then Seamonkey 2.38 would also be an important security update. Ciao, Michael.
Hi, Am 01.10.2015 um 11:03 schrieb Michael Ströder:
Rob Janssen wrote:
Why are the updates for Firefox and Chromium tracked continuously, while Seamonkey is updated only very occasionally? The version on openSUSE 13.1 is still 2.33.1 and Seamonkey complains it is outdated.
Seamonkey is not able to keep up with the releases. Sometimes they skip them, usually they are quite delayed after the related Firefox release.
Good question. Especially since Seamonkey 2.38 was released a couple of days ago which is AFAIK based on the same components like Firefox 41. So if Firefox 41 is an important security update then Seamonkey 2.38 would also be an important security update.
I'll submit it soon. I just submitted Thunderbird 38.3 which also was only available after quite some delay. Wolfgang -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
Wolfgang Rosenauer wrote:
Hi,
Am 01.10.2015 um 11:03 schrieb Michael Ströder:
Rob Janssen wrote:
Why are the updates for Firefox and Chromium tracked continuously, while Seamonkey is updated only very occasionally? The version on openSUSE 13.1 is still 2.33.1 and Seamonkey complains it is outdated.
Seamonkey is not able to keep up with the releases. Sometimes they skip them, usually they are quite delayed after the related Firefox release.
Which sadly was true for a couple of months. But 2.35 and 2.38 were released in a rather short timespan. So it seems they're trying to catch up pretty soon nowadays.
Good question. Especially since Seamonkey 2.38 was released a couple of days ago which is AFAIK based on the same components like Firefox 41. So if Firefox 41 is an important security update then Seamonkey 2.38 would also be an important security update.
I'll submit it soon. I just submitted Thunderbird 38.3 which also was only available after quite some delay.
Looking forward to the update. Thank you! Ciao, Michael.
Am 01.10.2015 um 11:12 schrieb Michael Ströder:
Wolfgang Rosenauer wrote:
Hi,
Am 01.10.2015 um 11:03 schrieb Michael Ströder:
Rob Janssen wrote:
Why are the updates for Firefox and Chromium tracked continuously, while Seamonkey is updated only very occasionally? The version on openSUSE 13.1 is still 2.33.1 and Seamonkey complains it is outdated.
Seamonkey is not able to keep up with the releases. Sometimes they skip them, usually they are quite delayed after the related Firefox release.
Which sadly was true for a couple of months. But 2.35 and 2.38 were released in a rather short timespan. So it seems they're trying to catch up pretty soon nowadays.
that is part of the problem. 2.35 was released just a bit before the next planned security update was around the corner. So Seamonkey 2.35 is actually in Factory but pushing it into updates would have meant that it finally arrives at the user with already publically announced security issues. So I decided to wait for the next one. Wolfgang -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
Hello, On 10/01/2015 11:12 AM, Michael Ströder wrote:
Wolfgang Rosenauer wrote:
Am 01.10.2015 um 11:03 schrieb Michael Ströder:
Rob Janssen wrote:
Why are the updates for Firefox and Chromium tracked continuously, while Seamonkey is updated only very occasionally? The version on openSUSE 13.1 is still 2.33.1 and Seamonkey complains it is outdated.
Seamonkey is not able to keep up with the releases. Sometimes they skip them, usually they are quite delayed after the related Firefox release.
Which sadly was true for a couple of months. But 2.35 and 2.38 were released in a rather short timespan. So it seems they're trying to catch up pretty soon nowadays.
Good question. Especially since Seamonkey 2.38 was released a couple of days ago which is AFAIK based on the same components like Firefox 41. So if Firefox 41 is an important security update then Seamonkey 2.38 would also be an important security update.
I'll submit it soon. I just submitted Thunderbird 38.3 which also was only available after quite some delay.
Looking forward to the update. Thank you!
The proposed seamonkey 2.38 update is now available for testing in the 13.2-test repository: http://download.opensuse.org/update/13.2-test/ If functionality of these could please be confirmed we can make an update release very soon. Andreas -- Andreas Stieger <astieger@suse.com> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
Andreas Stieger wrote:
The proposed seamonkey 2.38 update is now available for testing in the 13.2-test repository: http://download.opensuse.org/update/13.2-test/
If functionality of these could please be confirmed we can make an update release very soon.
Looks good on Tumbleweed x86_64. Ciao, Michael.
participants (4)
-
Andreas Stieger -
Michael Ströder -
Rob Janssen -
Wolfgang Rosenauer