Slackware Security Advisories
Slackware Logo

News

Security Advisories

FAQ

Book

General Info

Get Slack

Install Help

Configuration

Packages

ChangeLogs

Propaganda

Ports

Other Sites

Support

Contact

Mailing Lists

About

 
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] mozilla security/EOL (SSA:2006-114-01)
Date: Mon, 24 Apr 2006 15:26:09 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  mozilla security/EOL (SSA:2006-114-01)

New Mozilla packages are available for Slackware 10.0, 10.1,
10.2 and -current to fix multiple security issues.

More details about the issues may be found here:

  http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla

Also note that this release marks the EOL (End Of Life) for the Mozilla
Suite series.  It's been a great run, so thanks to everyone who put in
so much effort to make Mozilla a great browser suite.  In the next
Slackware release fans of the Mozilla Suite will be able to look
forward to browsing with SeaMonkey, the Suite's successor.  Anyone
using an older version of Slackware may want to start thinking about
migrating to another browser -- if not now, when the next problems
with Mozilla are found.

Although the "sunset announcement" states that mozilla-1.7.13 is the
final mozilla release, I wouldn't be too surprised to see just one
more since there's a Makefile.in bug that needed to be patched here
before Mozilla 1.7.13 would build.  If a new release comes out and
fixes only that issue, don't look for a package release on that as
it's already fixed in these packages.  If additional issues are
fixed, then there will be new packages.  Basically, if upstream
un-EOLs this for a good reason, so will we.


Here are the details from the Slackware 10.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-1.7.13-i486-1.tgz:  Upgraded to mozilla-1.7.13.
  This upgrade fixes several possible security bugs.
  For more information, see:
    http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla
  This release marks the end-of-life of the Mozilla 1.7.x series:
    http://developer.mozilla.org/devnews/index.php/2006/04/12/sunset-announcement-for-fxtb-10x-and-mozilla-suite-17x/
  Mozilla Corporation is recommending that users think about
  migrating to Firefox and Thunderbird.
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated packages for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mozilla-1.7.13-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mozilla-plugins-1.7.13-noarch-1.tgz

Updated packages for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mozilla-1.7.13-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mozilla-plugins-1.7.13-noarch-1.tgz

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/mozilla-1.7.13-i486-1.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-1.7.13-i486-1.tgz


MD5 signatures:
+-------------+

Slackware 10.0 packages:
68854f3ff3df3abe499554a09f5936e8  mozilla-1.7.13-i486-1.tgz
506940dd673f5f199f8b829581f70c03  mozilla-plugins-1.7.13-noarch-1.tgz

Slackware 10.1 packages:
54066af072c28489efaf080ad6751936  mozilla-1.7.13-i486-1.tgz
2296ff82e5b753f5d43da07d46850481  mozilla-plugins-1.7.13-noarch-1.tgz

Slackware 10.2 package:
ac7d2d23a475418fdf29d4c0f70929da  mozilla-1.7.13-i486-1.tgz

Slackware -current package:
bc5f54cf5af6a2917c751699b06391a0  mozilla-1.7.13-i486-1.tgz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg mozilla-1.7.13-i486-1.tgz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFETTElakRjwEAQIjMRAlNFAKCTzAEcvck/6bzG70Om25oUjn5WLQCdG1vt
Tj5Zj380lHBjSFHAoWC7eQA=
=T2xn
-----END PGP SIGNATURE-----

Slackware™ is a trademark of Patrick Volkerding.