[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-gnuzilla] GNU/Icecat update (Corrected)

From: Mark H Weaver
Subject: Re: [Bug-gnuzilla] GNU/Icecat update (Corrected)
Date: Mon, 19 Mar 2018 14:05:13 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)

Hi Alexander,

Alexander <address@hidden> writes:

> Firefox ESR updated on the 16th of March, 2018 to version 52.7.2 from
> 52.6.2 and we need to update Icecat to reflect those changes.

Indeed.  Unfortunately, GNU IceCat often lags behind Firefox ESR.
I agree that it is a serious problem.

If it helps, I maintain a version of IceCat for GNU Guix which is kept
up-to-date by cherry-picking fixes from the upstream mozilla-esr52
repository whenever Mozilla announces a new security advisory or ESR
release, and occasionally at random other times when I feel motivated.
In fact, Guix users often have security fixes before Firefox ESR 52
users do.

I'm personally driven to do this work because IceCat is my primary
browser, and I worry a lot about computer security.

Here's the commit log for Guix's IceCat package and a few related
packages (e.g. NSS and NSPR):


IMPORTANT CAVEAT: the patches included in Guix's IceCat package do _not_
include fixes to bundled libraries that Guix doesn't use.  Guix avoids
using many of the bundled libraries that come with IceCat (and Firefox).
Therefore, it is not enough to apply the patches from Guix to your
IceCat source tree and build.  You'd also need to avoid using the
bundled libraries that Guix avoids using, and to make sure that your
system libraries are up-to-date.

GNU Guix currently supports x86_64, i686, armv7, and aarch64 systems,
and can be installed unobtrusively (modifying only /gnu, /var/guix,
/var/log/guix, /etc/guix, ~/.guix-profile, and ~/.config/guix) on top of
an existing GNU/Linux distribution.  The software in Guix is
self-contained, using only shared libraries from Guix, all the way down
to glibc.  GuixSD is a complete free distribution based on Guix.  See
<https://gnu.org/s/guix> for details.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]