package update politics

[witek]

I`m wondering why the Salix developers keep updating firefox in the repo with its every new release? It seems most often updated package in Salix. Why firefox is so important and others ie. openoffice or claws-mail not?

[gapan]

Maybe because it's a major security hole?

[Shador]

I'm not maintaining firefox or thunderbird, but it's the only way afaik to get a secure browser/mail client. Mozilla started to do much faster releases necessarily, but most of them are not maintained for a longer period of time. But I guess firefox 10 is going to be a keeper as this is an ESR release, which means it's supported longer.
https://wiki.mozilla.org/Enterprise/Fir ... t:Proposal

Gapan, was faster. As he's maintaining those packages, I was right with the assumption, that there are security holes.

[ElderDryas]

As long as the subject has been brought up....

Is the security problem/hole specific to FF or with web browsers in general? I ask this because I've noticed that FF and Opera are at current versions while Midori and Chromium are not.

[gapan]

Is the security problem/hole specific to FF or with web browsers in general? I ask this because I've noticed that FF and Opera are at current versions while Midori and Chromium are not.

It mostly has to do with browser engines, not exactly browsers. FF and opera include their own engines so they have to be updated anyway, but midori uses webkit. Security holes specifically in midori are extremely rare and AFAIK there is none since version 0.3.3 which we currently have. And I don't know where you got chromium from, but it wasn't from salix, because we don't have it, at all.

[witek]

Maybe because it's a major security hole?

If so then maybe it would be simpler to replace firefox with something else?

[ElderDryas]

Thanks for the explanation.

Chromium (15.XXXXX) appears in Sourcery (at least on my box

[gapan]

If so then maybe it would be simpler to replace firefox with something else?

What else? I'm hoping that one day we'll be able to replace it with midori, but most people still want/need the features that firefox has.

Chromium (15.XXXXX) appears in Sourcery (at least on my box

Just because it's in sourcery doesn't mean it has anything to do with salix specifically. Salix doesn't offer any prebuilt packages. This one is from slackbuilds.org (as most things that appear in sourcery).

[ElderDryas]

I'm hoping that one day we'll be able to replace it with midori, but most people still want/need the features that firefox has.

The most recent version of Midori has the only FF features that I really want...an ad blocker and the ability to override the site fonts.

Just because it's in sourcery doesn't mean it has anything to do with salix specifically. Salix doesn't offer any prebuilt packages. This one is from slackbuilds.org (as most things that appear in sourcery).

Again, thanks for the explanation. Just so I'm sure I understand things: 1) If it's in gslapt, it's Salix's; 2) If it's in Sourcery, it's not (i.e., go yell at some else

[gapan]

1) If it's in gslapt, it's Salix's;

No. It could be slackware or salix. Almost half packages are by slackware, the other half by salix. If the full package name ends with a number (like util-linux-2.19-x86_64-1), it's slackware's, if it ends with a number+initials, it's salix's (like terminus-font-4.30-noarch-1tm).

2) If it's in Sourcery, it's not (i.e., go yell at some else

Not exactly. It could be slackbuilds.org and it could be salix. But the vast majority are from slackbuilds.org. Something like 3000:50. You can check the source by right clicking/Get info.