|
| From: | awakeyet |
| Subject: | Re: [Bug-gnuzilla] [Slackbuilds-users] icecat 38.8.0 crashes |
| Date: | Thu, 18 Aug 2016 18:46:56 +0100 (BST) |
"not clear why Mozilla would not want the same as Gnuzilla"
If we look into the deep reality, we'll see that them are 2 different
projects with really different aims.
Mozilla is basically financed by giant corporations with contracts to
benefit those giants' market strategies. This is not always compatible
with privacy and FOSS components&protocols.
El 16/08/16 a les 20:51, address@hidden ha escrit:Thank you for sharing your views Ivan.
I just want to make clear as perhaps my previous post may have given a
wrong impression. It was not my intention for what I said to be taken as
criticism of Gnuzilla in any way.
Peoples' efforts on projects such as Gnuzilla, SBo work and all similar
I find truly amazing.
I must admit I am not clear why Mozilla would not want the same as
Gnuzilla and why that project would conflict with Gnuzilla ideas. Mind
you, the complexities of the human condition are huge :-)
Perhaps it is safe to say that it is better to just wait and see how it
all pans out and what emerges.
Thank you again.
Peace and good will to all.
Habs
On 16 August 2016 at 19:05, Ivan Zaigralin <address@hidden
<mailto:address@hidden>> wrote:
Personally, I am somewhat unhappy about the gnuzilla update/security
policy.
The move to forties apparently is not happening because it breaks
saved cookie
preferences or something, but I have to question the wisdom of
withholding
fixes for remote code execution because of that.
Having said that, I think we need to take a few factors into
consideration.
First of all, it's not gnuzilla's fault firefox is so insequre, it's
mozilla's
fault. This browser has like a million holes in it, and may be the most
updated package in Slackware. Lagging a few releases behind sucks,
especially
when the bugs are made public, but at the same time it looks like every
firefox release in the last few years had terrible security holes in
it, so I
don't really feel that much safer using the latest version, and
neither should
you. If security is very important to a user, it may be prudent to
switch
browsers.
Also, gnuzilla has a mission and a goal, and mozilla is not making
it easy.
They keep putting more and more ugly stuff into firefox and changing the
security policy, like with the cookies above, while gnuzilla team is
committed
to releasing a product which meets their rather high standards. As a
volunteer
effort, they've done great, and it would be completely unfair to
chastise them
for lagging behind mozilla, since gnizilla are not the ones breaking
it it
every release cycle.
Finally, I believe there is a niche opening up for a firefox-based
browser
which is libre and meets free software distrubution guidelines like
icecat,
but has no extra privacy features, and passes all the mozilla pearls
onto the
users. Such minimal deblobbing could be potentially more robust:
that is, new
releases could be churned out as quickly and reliably as
linux-libre. Looking
at Parabola's thunderbird & seamonkey builds, I imagine something
like that
could be done for firefox as well. Anyone can step in and claim the
glory for
this one :) I don't have time to write a slackbuild like that and
run it by
FSF, but if anyone did it, I think I would actually switch.
On Tuesday, August 16, 2016 09:57:03
address@hidden
<mailto:address@hidden> wrote:
> Good morning
>
> Having got latest Icecat building with the -Os switch, it seems
there are
> some reports of [serious?] security issues with it.
>
> Here is where I first read something:
>
https://lists.gnu.org/archive/html/bug-gnuzilla/2016-08/msg00000.html <https://lists.gnu.org/archive/html/bug-gnuzilla/2016-08/msg00000.html>
>
> And I have seen further discussion and consternation about what to
do with
> Icecat and perhaps not using Firefox as base etc. I'm really
relatively
> only a 'user' so to speak, so I'm interested to know what others
feel....is
> there a serious security risk ?
>
> I realise this is SBo and not an Icecat forum, but I wonder what the
> contributors (and maintainer) on SBo feel about the reports being
made;
> should it affect whether Icecat is on SBo if its known to be
'risky', or
> does it not matter, should comments be made [in the info] or is it
up to
> anyone wanting to use it to be self-aware and generally any other
comments
> to share.
>
> If this list really is inappropriate for posts like this (whatever
'this'
> is), then just let me know.....but I would be interested in what more
> knowledgeable people on SBo feel ?
>
>
> Thank you and good day to all.
> Habs
>
> On 8 August 2016 at 23:16, <address@hidden
<mailto:address@hidden>> wrote:
> > hi there all
> >
> > I have tried the -Os switch and it does appear to remedy the
problem.
> > Icecat no longer crashes in the scenario(s) I have documented.
> >
> > I wonder what the -O2 switch does differently to the -Os one.
> >
> > So for now that does appear to be the 'fix'. Thank you all.
> >
> >
> > Habs
> >
> > On 8 August 2016 at 20:36, Ryan P.C. McQuen <address@hidden
<mailto:address@hidden>> wrote:
> >> On Monday, August 8, 2016, Ivan Zaigralin
<address@hidden <mailto:address@hidden>> wrote:
> >>> I still can't replicate any crash whatsoever, even in places where
> >>> others
> >>> report them. However, Matt tells me that crashes went away
after he
> >>> rebuilt
> >>> with -Os. He also mentioned he's got an AMD Phenom, whereas I
am using
> >>> Intel
> >>> CPU, which may explain why I am unable to hit this snag.
> >>>
> >>> I can certainly submit a fixed SlackBuild if there's a
consensus -Os is
> >>> an
> >>> effective fix. Please let me know :)
> >>
> >> Seems like that would be valid, since Slackware's own Firefox
build was
> >> passing that for version 43, and only removed it for versions
past 43:
> >>
> >> (Changelog reference):
> >>
> >> Wed Dec 23 22:44:58 UTC 2015
> >> a/lvm2-2.02.138-i586-1.txz: Upgraded.
> >> ap/ghostscript-9.18-i586-1.txz: Upgraded.
> >> ap/lsof-4.89-i586-1.txz: Upgraded.
> >> l/pycups-1.9.73-i586-1.txz: Upgraded.
> >> l/pycurl-7.19.5.3-i586-1.txz: Upgraded.
> >> n/NetworkManager-1.0.10-i586-1.txz: Upgraded.
> >> n/curl-7.46.0-i586-1.txz: Upgraded.
> >> n/links-2.12-i586-1.txz: Upgraded.
> >> n/obexfs-0.12-i486-1.txz: Removed.
> >>
> >> This functionality is now included in the obexftp package.
> >>
> >> n/obexftp-0.24-i586-1.txz: Upgraded.
> >>
> >> Thanks to Robby Workman.
> >>
> >> n/openobex-1.7.1-i586-1.txz: Upgraded.
> >>
> >> Thanks to Robby Workman.
> >>
> >> n/rsync-3.1.2-i586-1.txz: Upgraded.
> >> x/libXi-1.7.6-i586-1.txz: Upgraded.
> >> x/pixman-0.33.6-i586-1.txz: Upgraded.
> >> x/xorg-cf-files-1.0.6-noarch-1.txz: Upgraded.
> >> xap/mozilla-firefox-43.0.2-i586-2.txz: Rebuilt.
> >>
> >> Compile with -Os instead of -O2 to work around crash issues.
> >> Recent betas are working fine with -O2, so we'll probably be
> >> able to switch back to that again soon. Thanks to j_v.
> >>
> >> --
> >> -Ryan
> >> [ryanpcmcquen.org <http://ryanpcmcquen.org>]
> >>
> >>
> >> _______________________________________________
> >> SlackBuilds-users mailing list
> >> address@hidden
<mailto:address@hidden>
> >> http://lists.slackbuilds.org/mailman/listinfo/slackbuilds-users
<http://lists.slackbuilds.org/mailman/listinfo/slackbuilds-users>
> >> Archives -
https://lists.slackbuilds.org/pipermail/slackbuilds-users
<https://lists.slackbuilds.org/pipermail/slackbuilds-users>
> >> FAQ - https://slackbuilds.org/faq
--
http://gnuzilla.gnu.org
--
http://gnuzilla.gnu.org
--
http://gnuzilla.gnu.org
| [Prev in Thread] | Current Thread | [Next in Thread] |