20100324 firefox-3.6.2 [VL6.0]

[toothandnail]

toothandnail has built a new Firefox package for VectorLinux 6.0.
   
   

• Package:   firefox-3.6.2-i586-1vl60.tlz
• MD5: ad8a50856e65717a9206ddcf55d3c8d7
• Package Size:   7958 K
• Installed Size:   27800 K
• Sources: http://vectorlinux.osuosl.org/veclinux-6.0/source/testing/net/firefox

   
   

Code:

firefox: Firefox (Mozilla Firefox Web Browser)
firefox:
firefox: Firefox 3 is the next generation release of the award-winning
firefox: Firefox web browser from Mozilla.
firefox: To comply with Mozilla trademarks, and to assure quality control,
firefox: this is the official Mozilla build, packaged for VectorLinux.
firefox:
firefox:
firefox: License: MPL 1.1/GPL 2.0/LGPL 2.1
firefox: Author:  Mozilla Foundation <drivers@mozilla.org>
firefox: Website: http://www.mozilla.com/en-US/firefox/

Note: this update fixes a serious security problem. Users may find it advisable to update as soon as possible. See this link for details:

http://www.mozilla.org/security/announce/2010/mfsa2010-08.html
   
   After testing this package please stop back here and let us know how it works for you.
   

[GrannyGeek]

So far so good on my VL6 Light laptop. Flash and Java are working. My settings were preserved from FF 3.6. I'm happy this package was created so promptly.
--GrannyGeek

[roarde]

Installed fine, runs fine, except for for the following, which may be particular to my situation:

My internet connection is through pay-per-use WiFi, so login is via https html. There are many redirects involved. 3.6.0 handled it without complaint. 3.6.2 won't make the final connection, and error console shows this:

loginportal8.wanderingwifi.com : potentially vulnerable to CVE-2009-3555

The error console from 3.6.0 doesn't have this info. And 3.6.2 marks it as info, not warning or error. Using lynx, I'm prompted three times:

Local Issuer Certificate Unavailable : continue? [y,n]

Selecting y logs on eventually.

One time only, 3.6.2's error console showed an error I can't quote exactly, but it was in the config file firefox.js, and had to do with posting text. I'm wondering if FF is supposed to be providing info and options to handle the vulnerability, but can't because of a script error.

In any case, I don't think it's fixable by the packager since official builds are being used. Just passing on the info for other users.

I always turn off the testing repo after installing from it, but if you think you may face this same issue, leave the testing repo on. Leaving it on allows you to downgrade, then re-upgrade ff without the connection required to reload package info from the repo. Unless you've made certain alterations, the package remains in subdirectories of /home/ftp.

Thanks for your quick attention to this security update and for your good work in packaging, toothandnail. In playing with the issue, I've up/downgraded several times, all flawlessly.