[Slackbuilds-users] [Bug-gnuzilla] icecat 38.8.0 crashes
bch at shroggslodge.freeserve.co.uk
bch at shroggslodge.freeserve.co.uk
Tue Aug 16 18:51:08 UTC 2016
Thank you for sharing your views Ivan.
I just want to make clear as perhaps my previous post may have given a
wrong impression. It was not my intention for what I said to be taken as
criticism of Gnuzilla in any way.
Peoples' efforts on projects such as Gnuzilla, SBo work and all similar I
find truly amazing.
I must admit I am not clear why Mozilla would not want the same as Gnuzilla
and why that project would conflict with Gnuzilla ideas. Mind you, the
complexities of the human condition are huge :-)
Perhaps it is safe to say that it is better to just wait and see how it all
pans out and what emerges.
Thank you again.
Peace and good will to all.
Habs
On 16 August 2016 at 19:05, Ivan Zaigralin <melikamp at melikamp.com> wrote:
> Personally, I am somewhat unhappy about the gnuzilla update/security
> policy.
> The move to forties apparently is not happening because it breaks saved
> cookie
> preferences or something, but I have to question the wisdom of withholding
> fixes for remote code execution because of that.
>
> Having said that, I think we need to take a few factors into consideration.
> First of all, it's not gnuzilla's fault firefox is so insequre, it's
> mozilla's
> fault. This browser has like a million holes in it, and may be the most
> updated package in Slackware. Lagging a few releases behind sucks,
> especially
> when the bugs are made public, but at the same time it looks like every
> firefox release in the last few years had terrible security holes in it,
> so I
> don't really feel that much safer using the latest version, and neither
> should
> you. If security is very important to a user, it may be prudent to switch
> browsers.
>
> Also, gnuzilla has a mission and a goal, and mozilla is not making it easy.
> They keep putting more and more ugly stuff into firefox and changing the
> security policy, like with the cookies above, while gnuzilla team is
> committed
> to releasing a product which meets their rather high standards. As a
> volunteer
> effort, they've done great, and it would be completely unfair to chastise
> them
> for lagging behind mozilla, since gnizilla are not the ones breaking it it
> every release cycle.
>
> Finally, I believe there is a niche opening up for a firefox-based browser
> which is libre and meets free software distrubution guidelines like icecat,
> but has no extra privacy features, and passes all the mozilla pearls onto
> the
> users. Such minimal deblobbing could be potentially more robust: that is,
> new
> releases could be churned out as quickly and reliably as linux-libre.
> Looking
> at Parabola's thunderbird & seamonkey builds, I imagine something like that
> could be done for firefox as well. Anyone can step in and claim the glory
> for
> this one :) I don't have time to write a slackbuild like that and run it by
> FSF, but if anyone did it, I think I would actually switch.
>
> On Tuesday, August 16, 2016 09:57:03 bch at shroggslodge.freeserve.co.uk
> wrote:
> > Good morning
> >
> > Having got latest Icecat building with the -Os switch, it seems there are
> > some reports of [serious?] security issues with it.
> >
> > Here is where I first read something:
> > https://lists.gnu.org/archive/html/bug-gnuzilla/2016-08/msg00000.html
> >
> > And I have seen further discussion and consternation about what to do
> with
> > Icecat and perhaps not using Firefox as base etc. I'm really relatively
> > only a 'user' so to speak, so I'm interested to know what others
> feel....is
> > there a serious security risk ?
> >
> > I realise this is SBo and not an Icecat forum, but I wonder what the
> > contributors (and maintainer) on SBo feel about the reports being made;
> > should it affect whether Icecat is on SBo if its known to be 'risky', or
> > does it not matter, should comments be made [in the info] or is it up to
> > anyone wanting to use it to be self-aware and generally any other
> comments
> > to share.
> >
> > If this list really is inappropriate for posts like this (whatever 'this'
> > is), then just let me know.....but I would be interested in what more
> > knowledgeable people on SBo feel ?
> >
> >
> > Thank you and good day to all.
> > Habs
> >
> > On 8 August 2016 at 23:16, <bch at shroggslodge.freeserve.co.uk> wrote:
> > > hi there all
> > >
> > > I have tried the -Os switch and it does appear to remedy the problem.
> > > Icecat no longer crashes in the scenario(s) I have documented.
> > >
> > > I wonder what the -O2 switch does differently to the -Os one.
> > >
> > > So for now that does appear to be the 'fix'. Thank you all.
> > >
> > >
> > > Habs
> > >
> > > On 8 August 2016 at 20:36, Ryan P.C. McQuen <ryan.q at linux.com> wrote:
> > >> On Monday, August 8, 2016, Ivan Zaigralin <melikamp at melikamp.com>
> wrote:
> > >>> I still can't replicate any crash whatsoever, even in places where
> > >>> others
> > >>> report them. However, Matt tells me that crashes went away after he
> > >>> rebuilt
> > >>> with -Os. He also mentioned he's got an AMD Phenom, whereas I am
> using
> > >>> Intel
> > >>> CPU, which may explain why I am unable to hit this snag.
> > >>>
> > >>> I can certainly submit a fixed SlackBuild if there's a consensus -Os
> is
> > >>> an
> > >>> effective fix. Please let me know :)
> > >>
> > >> Seems like that would be valid, since Slackware's own Firefox build
> was
> > >> passing that for version 43, and only removed it for versions past 43:
> > >>
> > >> (Changelog reference):
> > >>
> > >> Wed Dec 23 22:44:58 UTC 2015
> > >> a/lvm2-2.02.138-i586-1.txz: Upgraded.
> > >> ap/ghostscript-9.18-i586-1.txz: Upgraded.
> > >> ap/lsof-4.89-i586-1.txz: Upgraded.
> > >> l/pycups-1.9.73-i586-1.txz: Upgraded.
> > >> l/pycurl-7.19.5.3-i586-1.txz: Upgraded.
> > >> n/NetworkManager-1.0.10-i586-1.txz: Upgraded.
> > >> n/curl-7.46.0-i586-1.txz: Upgraded.
> > >> n/links-2.12-i586-1.txz: Upgraded.
> > >> n/obexfs-0.12-i486-1.txz: Removed.
> > >>
> > >> This functionality is now included in the obexftp package.
> > >>
> > >> n/obexftp-0.24-i586-1.txz: Upgraded.
> > >>
> > >> Thanks to Robby Workman.
> > >>
> > >> n/openobex-1.7.1-i586-1.txz: Upgraded.
> > >>
> > >> Thanks to Robby Workman.
> > >>
> > >> n/rsync-3.1.2-i586-1.txz: Upgraded.
> > >> x/libXi-1.7.6-i586-1.txz: Upgraded.
> > >> x/pixman-0.33.6-i586-1.txz: Upgraded.
> > >> x/xorg-cf-files-1.0.6-noarch-1.txz: Upgraded.
> > >> xap/mozilla-firefox-43.0.2-i586-2.txz: Rebuilt.
> > >>
> > >> Compile with -Os instead of -O2 to work around crash issues.
> > >> Recent betas are working fine with -O2, so we'll probably be
> > >> able to switch back to that again soon. Thanks to j_v.
> > >>
> > >> --
> > >> -Ryan
> > >> [ryanpcmcquen.org]
> > >>
> > >>
> > >> _______________________________________________
> > >> SlackBuilds-users mailing list
> > >> SlackBuilds-users at slackbuilds.org
> > >> http://lists.slackbuilds.org/mailman/listinfo/slackbuilds-users
> > >> Archives - https://lists.slackbuilds.org/pipermail/slackbuilds-users/
> > >> FAQ - https://slackbuilds.org/faq/
>
> --
> http://gnuzilla.gnu.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20160816/e95ee839/attachment-0001.html>
More information about the SlackBuilds-users
mailing list