Subject: | |
From: | |
Reply To: | |
Date: | Fri, 16 Mar 2012 08:43:33 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On 03/16/2012 04:29 AM, Yasha Karant wrote:
> <snip>
>
> Thus, back to my point, that may need to be addressed by either the SL
> developers at Fermilab/CERN or, in principle, by TUV: if one does not
> use the Mozilla production release, but instead uses the SL RPM that
> typically has a much lower Mozilla release number, are the security
> issues identified by Mozilla, and posted to the URL I listed
> http://www.mozilla.org/security/known-vulnerabilities/firefox.html
> and related Mozilla security URL lists for other Mozilla application,
> actually addressed by the SL RPMs of the Mozilla suite?
>
> <snip>
The specfile within the RPM suggests that the code for
Firefox/Thunderbird 10+ is being taken from Mozilla with almost zero
modification.
7 patches applied by TUV, totaling 224 lines, patches were blindly
counted with wc -l
changelog:
* Tue Mar 06 2012 Martin Stransky <[log in to unmask]> - 10.0.3-1
- Update to 10.0.3 ESR
* Thu Feb 09 2012 Jan Horak <[log in to unmask]> - 10.0.1-1
- Update to 10.0.1 ESR
* Tue Feb 07 2012 Martin Stransky <[log in to unmask]> - 10.0-3
- Update to 10.0 ESR
* Mon Jan 30 2012 Martin Stransky <[log in to unmask]> - 10.0-1
- Update to 10.0
--
Pat Riehecky
Scientific Linux Developer
|
|
|