----------------------------------------------------------------------------------
@MSGID: 1@dont-email.me> 4078c38e
@REPLY: 1@reader2.panix.com> 000f6f98
@REPLYADDR Henrik Carlqvist
<Henrik.Carlqvist@deadspam.com>
@REPLYTO 2:5075/128 Henrik Carlqvist
@CHRS: CP866 2
@RFC: 1 0
@RFC-Message-ID: 1@dont-email.me>
@RFC-References: 1@reader2.panix.com>
1@dont-email.me>1@reader2.panix.com>
@TZUTC: -0000
@PID: Pan/0.139 (Sexual Chocolate; GIT bf56508
git://git.gnome.org/pan2)
@TID: FIDOGATE-5.12-ge4e8b94
On Tue, 12 Sep 2023 09:04:01 +0000, John Forkosh wrote:
> Did my preceding followup show up on your newsreader???...
> Some additional googling solved the problem...
> (a) downloaded script latest-firefox.sh
> from
https://gist.github.com/ruario/9672798
> (b) then ran the script to create
> mozilla-firefox-117.0-x86_64-1ro.tgz
Yes, it did show up in the newsreaded that you had found a "solution" to
the second part of your question but this did not answer the first part
of your initial question:
> So what did I do wrong, and how do I upgrade firefox
> so that it actually works?
The "solution" that you have found is to download and repackage a binary
firefox from mozilla which is supposed to work on most Linux
distributions.
Slackware provides prebuilt patch packages built from sources on specific
versions of Slackware. As of today, such packages are built for Slackware
15.0 and Slackware current.
However, if you are no longer running the latest Slackware current, but a
several months old obsolete current install, the Slackware provided
package for current might no longer work with your old libraries.
The solution that you have found is a very good solution for people still
using Slackware 14.2 for which Slackware no longer provides firefox
packages. The reason that Slackware does not provide Firefox security
updates for Slackware 14.2 or older versions is that the Firefox sources
no longer compiles with those old libraries and/or compilers.
However, for stable version Slackware 15.0 and alpha version Slackware
current, the best solution would be to not only upgrade Firefox but to
apply all updates provided by Slackware to fix many more security issues.
Since Feb-07 in the ChangeLog.txt of Slackware current at
http://ftp.slackware.com/pub/slackware/slackware-current/ChangeLog.txt
I can count to 19 CVEs (vulnerabilities) fixed in Firefox and 24 CVEs
(vulnerabilities) fixed in other packages only in the remaining part of
Februari 2023. By upgrading only the Firefox package you have now fixed
those 19 vulnerabilities and and possibly also about 100 more in Firefox.
However, you still have hundreds of known vulnerabilities in other
installed and used packages.
The right way to use Slackware current is to upgrade all packages, at
least as often as a CVE is mentioned in the ChangeLog.txt. If you are
afraid that upgrading to latest current might break something, then
current is not for you. Then you should instead run a stable version of
Slackware which only gets security updates.
regards Henrik
--- Pan/0.139 (Sexual Chocolate; GIT bf56508 git://git.gnome.org/pan2)
* Origin: A noiseless patient Spider (2:5075/128)
SEEN-BY: 5001/100 5005/49 5015/255 5019/40 5020/715
848 1042 4441 12000
SEEN-BY: 5030/49 1081 5058/104 5075/128
@PATH: 5075/128 5020/1042 4441