<div dir="ltr"><div><div><div><div><div><div><div>Thank you for sharing your views Ivan.<br><br></div>I just want to make clear as perhaps my previous post may have given a wrong impression. It was not my intention for what I said to be taken as criticism of Gnuzilla in any way.<br><br></div>Peoples' efforts on projects such as Gnuzilla, SBo work and all similar I find truly amazing.<br><br></div>I must admit I am not clear why Mozilla would not want the same as Gnuzilla and why that project would conflict with Gnuzilla ideas. Mind you, the complexities of the human condition are huge :-)<br><br></div>Perhaps it is safe to say that it is better to just wait and see how it all pans out and what emerges.<br><br></div>Thank you again.<br></div>Peace and good will to all.<br></div>Habs<br><div><div><div><div><div><div><div><div><div><div><div><div><div><div class="gmail_extra"><br><div class="gmail_quote">On 16 August 2016 at 19:05, Ivan Zaigralin <span dir="ltr"><<a href="mailto:melikamp@melikamp.com" target="_blank">melikamp@melikamp.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Personally, I am somewhat unhappy about the gnuzilla update/security policy.<br>
The move to forties apparently is not happening because it breaks saved cookie<br>
preferences or something, but I have to question the wisdom of withholding<br>
fixes for remote code execution because of that.<br>
<br>
Having said that, I think we need to take a few factors into consideration.<br>
First of all, it's not gnuzilla's fault firefox is so insequre, it's mozilla's<br>
fault. This browser has like a million holes in it, and may be the most<br>
updated package in Slackware. Lagging a few releases behind sucks, especially<br>
when the bugs are made public, but at the same time it looks like every<br>
firefox release in the last few years had terrible security holes in it, so I<br>
don't really feel that much safer using the latest version, and neither should<br>
you. If security is very important to a user, it may be prudent to switch<br>
browsers.<br>
<br>
Also, gnuzilla has a mission and a goal, and mozilla is not making it easy.<br>
They keep putting more and more ugly stuff into firefox and changing the<br>
security policy, like with the cookies above, while gnuzilla team is committed<br>
to releasing a product which meets their rather high standards. As a volunteer<br>
effort, they've done great, and it would be completely unfair to chastise them<br>
for lagging behind mozilla, since gnizilla are not the ones breaking it it<br>
every release cycle.<br>
<br>
Finally, I believe there is a niche opening up for a firefox-based browser<br>
which is libre and meets free software distrubution guidelines like icecat,<br>
but has no extra privacy features, and passes all the mozilla pearls onto the<br>
users. Such minimal deblobbing could be potentially more robust: that is, new<br>
releases could be churned out as quickly and reliably as linux-libre. Looking<br>
at Parabola's thunderbird & seamonkey builds, I imagine something like that<br>
could be done for firefox as well. Anyone can step in and claim the glory for<br>
this one :) I don't have time to write a slackbuild like that and run it by<br>
FSF, but if anyone did it, I think I would actually switch.<br>
<div class="HOEnZb"><div class="h5"><br>
On Tuesday, August 16, 2016 09:57:03 <a href="mailto:bch@shroggslodge.freeserve.co.uk">bch@shroggslodge.freeserve.co.<wbr>uk</a> wrote:<br>
> Good morning<br>
><br>
> Having got latest Icecat building with the -Os switch, it seems there are<br>
> some reports of [serious?] security issues with it.<br>
><br>
> Here is where I first read something:<br>
> <a href="https://lists.gnu.org/archive/html/bug-gnuzilla/2016-08/msg00000.html" rel="noreferrer" target="_blank">https://lists.gnu.org/archive/<wbr>html/bug-gnuzilla/2016-08/<wbr>msg00000.html</a><br>
><br>
> And I have seen further discussion and consternation about what to do with<br>
> Icecat and perhaps not using Firefox as base etc. I'm really relatively<br>
> only a 'user' so to speak, so I'm interested to know what others feel....is<br>
> there a serious security risk ?<br>
><br>
> I realise this is SBo and not an Icecat forum, but I wonder what the<br>
> contributors (and maintainer) on SBo feel about the reports being made;<br>
> should it affect whether Icecat is on SBo if its known to be 'risky', or<br>
> does it not matter, should comments be made [in the info] or is it up to<br>
> anyone wanting to use it to be self-aware and generally any other comments<br>
> to share.<br>
><br>
> If this list really is inappropriate for posts like this (whatever 'this'<br>
> is), then just let me know.....but I would be interested in what more<br>
> knowledgeable people on SBo feel ?<br>
><br>
><br>
> Thank you and good day to all.<br>
> Habs<br>
><br>
> On 8 August 2016 at 23:16, <<a href="mailto:bch@shroggslodge.freeserve.co.uk">bch@shroggslodge.freeserve.<wbr>co.uk</a>> wrote:<br>
> > hi there all<br>
> ><br>
> > I have tried the -Os switch and it does appear to remedy the problem.<br>
> > Icecat no longer crashes in the scenario(s) I have documented.<br>
> ><br>
> > I wonder what the -O2 switch does differently to the -Os one.<br>
> ><br>
> > So for now that does appear to be the 'fix'. Thank you all.<br>
> ><br>
> ><br>
> > Habs<br>
> ><br>
> > On 8 August 2016 at 20:36, Ryan P.C. McQuen <<a href="mailto:ryan.q@linux.com">ryan.q@linux.com</a>> wrote:<br>
> >> On Monday, August 8, 2016, Ivan Zaigralin <<a href="mailto:melikamp@melikamp.com">melikamp@melikamp.com</a>> wrote:<br>
> >>> I still can't replicate any crash whatsoever, even in places where<br>
> >>> others<br>
> >>> report them. However, Matt tells me that crashes went away after he<br>
> >>> rebuilt<br>
> >>> with -Os. He also mentioned he's got an AMD Phenom, whereas I am using<br>
> >>> Intel<br>
> >>> CPU, which may explain why I am unable to hit this snag.<br>
> >>><br>
> >>> I can certainly submit a fixed SlackBuild if there's a consensus -Os is<br>
> >>> an<br>
> >>> effective fix. Please let me know :)<br>
> >><br>
> >> Seems like that would be valid, since Slackware's own Firefox build was<br>
> >> passing that for version 43, and only removed it for versions past 43:<br>
> >><br>
> >> (Changelog reference):<br>
> >><br>
> >> Wed Dec 23 22:44:58 UTC 2015<br>
> >> a/lvm2-2.02.138-i586-1.txz: Upgraded.<br>
> >> ap/ghostscript-9.18-i586-1.<wbr>txz: Upgraded.<br>
> >> ap/lsof-4.89-i586-1.txz: Upgraded.<br>
> >> l/pycups-1.9.73-i586-1.txz: Upgraded.<br>
> >> l/pycurl-7.19.5.3-i586-1.txz: Upgraded.<br>
> >> n/NetworkManager-1.0.10-i586-<wbr>1.txz: Upgraded.<br>
> >> n/curl-7.46.0-i586-1.txz: Upgraded.<br>
> >> n/links-2.12-i586-1.txz: Upgraded.<br>
> >> n/obexfs-0.12-i486-1.txz: Removed.<br>
> >><br>
> >> This functionality is now included in the obexftp package.<br>
> >><br>
> >> n/obexftp-0.24-i586-1.txz: Upgraded.<br>
> >><br>
> >> Thanks to Robby Workman.<br>
> >><br>
> >> n/openobex-1.7.1-i586-1.txz: Upgraded.<br>
> >><br>
> >> Thanks to Robby Workman.<br>
> >><br>
> >> n/rsync-3.1.2-i586-1.txz: Upgraded.<br>
> >> x/libXi-1.7.6-i586-1.txz: Upgraded.<br>
> >> x/pixman-0.33.6-i586-1.txz: Upgraded.<br>
> >> x/xorg-cf-files-1.0.6-noarch-<wbr>1.txz: Upgraded.<br>
> >> xap/mozilla-firefox-43.0.2-<wbr>i586-2.txz: Rebuilt.<br>
> >><br>
> >> Compile with -Os instead of -O2 to work around crash issues.<br>
> >> Recent betas are working fine with -O2, so we'll probably be<br>
> >> able to switch back to that again soon. Thanks to j_v.<br>
> >><br>
> >> --<br>
> >> -Ryan<br>
> >> [<a href="http://ryanpcmcquen.org" rel="noreferrer" target="_blank">ryanpcmcquen.org</a>]<br>
> >><br>
> >><br>
> >> ______________________________<wbr>_________________<br>
> >> SlackBuilds-users mailing list<br>
> >> <a href="mailto:SlackBuilds-users@slackbuilds.org">SlackBuilds-users@slackbuilds.<wbr>org</a><br>
> >> <a href="http://lists.slackbuilds.org/mailman/listinfo/slackbuilds-users" rel="noreferrer" target="_blank">http://lists.slackbuilds.org/<wbr>mailman/listinfo/slackbuilds-<wbr>users</a><br>
> >> Archives - <a href="https://lists.slackbuilds.org/pipermail/slackbuilds-users/" rel="noreferrer" target="_blank">https://lists.slackbuilds.org/<wbr>pipermail/slackbuilds-users/</a><br>
> >> FAQ - <a href="https://slackbuilds.org/faq/" rel="noreferrer" target="_blank">https://slackbuilds.org/faq/</a><br>
</div></div><br>--<br>
<a href="http://gnuzilla.gnu.org" rel="noreferrer" target="_blank">http://gnuzilla.gnu.org</a><br>
<br></blockquote></div><br></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>