Welcome, Guest. Please login or register.
April 21, 2014, 14:22:36 PM
Home Help Search Calendar Login Register
Show unread posts since last visit.
News: Let Pardus-Anka become #1: Pardus-Anka Bug ReportPardus-Anka World Google+ | The Pardus wiki  | Visit Pardus-Anka official website  | Register as forum member?  Email the moderator!

+  Pardus Worldforum
|-+  Assistance
| |-+  Bugs
| | |-+  Firefox 2.0.0.3
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Firefox 2.0.0.3  (Read 2254 times)
Tiedemann
Newbie
*
Posts: 17


View Profile
« on: April 02, 2007, 12:33:34 PM »

Released upstream on March 20, where is this security update in the Pardus repos?
Logged
Tiedemann
Newbie
*
Posts: 17


View Profile
« Reply #1 on: April 03, 2007, 10:32:00 AM »

Updated today.

All things come to he who waits 14 days (I notice Ubuntu posted their 2.0.0.3 patch some seven days before  :roll: ).
Logged
Jan Gnodde
Global Moderator
Pardus Guru
*****
Gender: Male
Posts: 397


View Profile WWW
« Reply #2 on: April 03, 2007, 21:29:37 PM »

Quote from: "Tiedemann"
All things come to he who waits 14 days (I notice Ubuntu posted their 2.0.0.3 patch some seven days before  :roll: ).

I've experienced that the Pardus developers do the updates in bulks every couple of weeks. They don't put every update on the net, as soon as it is there, but do some testing of it. And I think it's better that way (I remember a update of X in Kubuntu, which made the system crash, so it's not wise to always trust the developers of a software-package).

Jan.
Logged
Tiedemann
Newbie
*
Posts: 17


View Profile
« Reply #3 on: April 03, 2007, 21:59:21 PM »

Quote from: "gnodde"
They don't put every update on the net, as soon as it is there, but do some testing of it.

For a fortnight?

Quote
And I think it's better that way

Not if it leaves my machine and its data vulnerable for any longer than is strictly necessary, I'm afraid.

Quote
(I remember a update of X in Kubuntu, which made the system crash, so it's not wise to always trust the developers of a software-package)

IIRC that was more down to lax bureaucracy  than anything else -- the X.org maintainer pulled a package from Debian Experimental and put it straight into Ubuntu's Bug Fix Updates repository.
Logged
Tiedemann
Newbie
*
Posts: 17


View Profile
« Reply #4 on: April 04, 2007, 00:40:36 AM »

Quote from: "gnodde"
I've experienced that the Pardus developers do the updates in bulks every couple of weeks.


With the result that Pardus security updates tend to lag behind. A few recent examples:

tcpdump vulnerability
CVE-2007-1218

Ubuntu: 2007-03-06
Pardus: 2007-03-16

- - - -

thunderbird: Multiple vulnerabilities
CVE-2007-0775, CVE-2007-0776, CVE-2007-0777 etc.

Ubuntu: 2007-03-07
Pardus: 2007-03-16

- - - -

gnupg: Signed message forgery
CVE-2007-1263

Ubuntu: 2007-03-08
Pardus: 2007-03-16

- - - -

file: Integer overflow vulnerability
CVE-2007-1536

Ubuntu 2007-03-21
Pardus 2007-04-03

- - - -

firefox: Vulnerability in handling FTP responses
CVE-2007-1562

Ubuntu 2007-03-27
Pardus 2007-04-03

- - - -

inkscape: Multiple format string vulnerabilities
CVE-2007-1463, CVE-2007-1464

Ubuntu 2007-03-21
Pardus 2007-04-03

- - - -

nas: Multiple vulnerabilities
CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546, CVE-2007-1547

Ubuntu 2007-03-28
Pardus 2007-04-03

- - - -

kdelibs: port scanning via ftp protocol
CVE-2007-1564

Ubuntu 2007-03-29
Pardus 2007-04-03
Logged
Willem
M.D.
Administrator
Pardus Guru
*****
Gender: Male
Posts: 1020



View Profile WWW
« Reply #5 on: April 04, 2007, 07:01:04 AM »

Fixed after the major update yesterday!
Thanx for your requests
Logged

For freedom...
Tiedemann
Newbie
*
Posts: 17


View Profile
« Reply #6 on: April 04, 2007, 11:45:19 AM »

Quote from: "Willem"
Fixed after the major update yesterday!
Thanx for your requests


They'd have done it anyway, sooner or later  :wink: .
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  


Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!