On 6/9/06, Josh Bressers <bressers@xxxxxxxxxx> wrote:
> > Matthew Miller wrote: > > On Sat, Jun 03, 2006 at 02:36:13PM -0500, David Eisenstein wrote: > > > >>It mentions a bunch of vulnerabilities (all of which seem to affect > >>Seamonkey, Thunderbird, and Firefox). After looking at each VU#, it appears > >>that none of the announcements mention the Mozilla suite. Also, at least as > >>of last night, none of them mention any CVE #'s. > > > > > > No updates for Firefox for Fedora Core yet, either.... > > > > <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=194617> > > > > I heard a rumor the other day that Red Hat Enterprise Linux may be planning > to replace Mozilla with Seamonkey in their currently-maintained distros. Am > wondering if there is any truth to this rumor? Also wondering if there is > anything we in Fedora Legacy can do to help in this process of dealing with > these critical Mozilla/Firefox/Seamonkey bugs? This is true. We're going with seamonkey in RHEL. I think this current round of issues is proof as to why this has to happen. Backporting to the firefox 1.0 branch is nearly impossible given the drastic changes between versions. Right now we're furiously working on backporting patches for the most critical issues. If you want to help mail Chris Aillon (caillon@redhat) with your request. He's currently heading up a small group of various distributors trying to get all this work done.
I would say that it is not worth the effort to do that much backporting. I am having to deal with sites that just want to block old Firefox browser strings anyway at their firewalls. So my day job is basically going to be get 1.5.0.4{5,6,7} onto RHL-7.3 -> RHEL-4 anyway. My {I am not much of a coder, but have to deal with the mess left over by them} possition would be that getting a modularized javascript interpreter written, debugged, security minded than trying to back-fix things might be a better idea. -- Stephen J Smoogen. CSIRT/Linux System Administrator -- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list