Ubuntu :: What's The Deal With Firefox Security Patches On 9.10
Jul 6, 2010
It's starting to feel like Ubuntu 9.10 users have been left out in the cold, or at least forced to fend for themselves. I'm referring to the publicly-known vulnerabilities present in Firefox 3.5.9 (the version currently in use by Ubuntu 9.10). Ubuntu 10.04 (which uses Firefox 3.6.x instead of 3.5.x) users received their package updates June 29th, yet Ubuntu 9.10 seems to have been placed on the back burner. So basically, my questions are: Does anyone know what's going on? What's taking so long? Has security support for Firefox been terminated for Ubuntu 9.10?
PS: I can sort of understand how Ubuntu isn't able to provide Firefox patches for Ubuntu 9.04, as it uses Firefox 3.0.x (which isn't supported upstream anymore) and the distro release is so close to EOL. But, surely Ubuntu 9.10 doesn't need to be treated the same way, given that the 3.5.x branch it uses is still supported upstream and the distro release won't reach EOL until Q2 2011.
View 7 Replies
ADVERTISEMENT
Apr 27, 2010
I recently installed mplayer I compiled from svn, and now Ubuntu's package manager is showing security patches. If I install these patches, will it mess up the version I compiled and installed?
View 5 Replies
View Related
May 15, 2015
Is there any way to get update notifications for security patches on debian jessie. I was using update-manager and update-notifier and wheezy and that worked good, Update-notifier on jessie doesn't seem like its working...
View 12 Replies
View Related
May 12, 2010
I was well aware of the KDE trinity project from the start. Its so that users can have KDE 3 X alongside 4 X. The lucid release is due soon. Anyway I did try some releases a while back. I would like to know whether this project is very actively developed? What I mean is do they devlop security updates and maintainance patches regularly? Are there any actual KDE developers involved? (Some Kubuntu developers are)
View 2 Replies
View Related
Apr 8, 2010
Does anyone know when we'll see Firefox 3.0.19 packaged for 8.04 LTS? I'm still stuck at 3.0.18. And what will happen after this? My understanding is that after .19 Mozilla is dropping support for FF 3.0.
Upgrade policies not withstanding, I find it rather annoying when an "LTS" release doesn't keep up with the most security-critical package in the distro, the browser. 8.04 LTS should have moved to FF 3.5+ a *long* time ago. Now it seems it will be forced to do so or else just forget about browser updates for the last year of 8.04?
I know I can install the current Firefox with ubuntuzilla, I just keep wishing Ubuntu would do it for me.
View 9 Replies
View Related
Jun 17, 2011
i have been using linux for about 2 months now , and still can't deal with tar.gz files! i extract the achieve , open the folder , open terminal in that folder , then make and..... nothing i didn't find the make file in firefox 6 tar.gz for example , for other files there was missing libraries , is there a compiler that can do the job simply like synaptic? it is really stupid that every application should have its installation instructions!!!! why there isn't some standardization for all linux distro in this point? deb packages are simple to use , why there isn't a general package system for all linux distro ? or at least a unified system for compiling where i can use the tar.gz files like .deb files?
View 9 Replies
View Related
Jul 18, 2009
Firefox 3.5 has a critical java script vulnerability as noted in the recent news. I had to manually update to 3.5.1 using the mozilla tarball because there's still no Firefox 3.5.1 in Fedora Updates or even Fedora Updates Testing repositories. Is this normal? I didn't want to resort to using the mozilla one because now I can't use flash (my system is 64 bit and mozilla only seems to offer a 32bit tar file of Firefox) and having two Firefoxs means dealing with the ProfileManager, separate bookmarks and so on.
I'm trying to find out if I'm just looking in the wrong place, I tried the normal mirrors for "updates" for Fedora 11 and then updates-testing and also the baseurl for "updates" to get rid of the mirror update delay. None of them seem to have 3.5.1 ?
View 3 Replies
View Related
Jan 10, 2010
A couple of the sites I go to, very professional and legit sites, tell me I need Adobe flash player. Now that I don't run anything with Ubuntu other then a FW is this safe? What about "NoScript" for Firefox?
View 9 Replies
View Related
May 21, 2011
All the Ubuntu networking info I can find online talks about Samba and how to deal with a Windows/Ubuntu networks.
I have 4 computers for my family, I just installed Ubuntu (10.04 lts on 2, 10.10 & 11.04) on them. They are all dual boot with XP.
Is there a tutorial that talks about just dealing with an Ubuntu network? I would assume you don't use or need Samba if windows isn't involved?
Also it looks to me that the work-group name is more important to windows. Is it even necessary with Ubuntu?
View 2 Replies
View Related
Feb 18, 2010
I have a strange problem regarding the connection to a LAN. I have a asus eeepc 1000H with Ubuntu netbook remix 9.10 (dual boot with WinXp). I've discovered two days ago that one of the pins from the ethernet port is pushed inside. This led to the fact that my netbook is not capable to deal with some UTP cables in the sense that it won't connect at the network through this cables. These cables work perfectly for any other computer.This is true for XP - for Ubuntu I found that it is not possible at all to connect through any cable at a LAN. There is an exception to that - my internet connection at home is done through PPPOE and I am able to access the internet through Ubuntu and WinXp.
Asus Romania won't honor the warranty (in their opinion I abused the product and it is my fault - fair enough - it is my fault since I am the single owner of the product - and I am connecting it in various locations to various ethernet cables) and in order to fix it they told me they will need to change the entire motherboard - which I guess it will cost me a price close to the price of the netbook itself - and I don't want to pay that much just for a pushed inside pin. (I wrote these to avoid questions regarding the warranty).I can live with the fact that some of the ethernet/UTP cables won't work with my netbook - but I can't live with the fact that the Ubuntu OS is not capable to connect to the internet through the ethernet port in any other locations besides my home. I require help in order to establish if there is something wrong with the Ubuntu ethernet settings or the Ubuntu OS is not capable to connect to internet through the faulty ethernet port (WinXp can).
View 2 Replies
View Related
Dec 23, 2009
Is it a big deal to upgrade to KDE 4.4? I am using 11.2.
View 7 Replies
View Related
Jun 28, 2011
An existing Windows 2003 Server hosts a WDS pxe role. A networtk shared directory provides some customized OS.
I have to migrate this server without altered the WDS directory. Is it possible to deal with this stack under Redhat with pxelinux ?
Actually, my tests are negative. But I definitively have to deal with as a requirement. Otherwise an update will be made for each alteration of the OS.
POC : Red Hat 5 64bits, Apache2, Samba3, pxelinux, tftp-hpa.
I had successfully boot a virtual pc under Red hat. But I'm alaways game over with the corporate OS. When I load a pxeboot.n12 file there is an invalid file or corrupt error. When I rename this file as pxeboot.0 (to use pxelinue) the next step is a boot menu. I load a BCD file but after a boot.ini file is required but not present. This file doesn't exits in the current directory.
View 5 Replies
View Related
Jul 15, 2011
I have a bash file as following:
Code:
#!/bin/sh
deal_file(){
printf $1
[code]....
so the for loop spilt the file names if containing spaces, how can I fix the bug?
View 6 Replies
View Related
Jan 15, 2010
What is the application you are used to work with (if any) to deal with requirements management?
Anyone but doors or osrmt?
View 1 Replies
View Related
May 23, 2010
Recent example: mountlo (using UML):
vi@vi-notebook:~/b$ mountlo -m 16 -d /dev/uba1 /home/vi/mnt/usb -t vfat -o iocharset=utf8,allow_other&
[1] 32561
vi@vi-notebook:~/b$ Checking that ptrace can change system call numbers...OK
Checking syscall emulation patch for ptrace...OK
Checking advanced syscall emulation patch for ptrace...OK
Checking PROT_EXEC mmap in /tmp...OK
[Code]...
Also happens with Gimp (when it does run it's plug-ins). Parts of Gimp started by `gimp q.jpg&' freeze and cannot continue unless "killall -CONT" or made foreground. Is it a bug? How to reliably start things in a background?
View 1 Replies
View Related
Feb 15, 2011
we've been trying to become a bit more serious about backup. It seems the better way to do MySQL backup is to use the binlog. However, that binlog is huge! We seem to produce something like 10Gb per month. I'd like to copy the backup to somewhere off the server as I don't feel like there is much to be gained by just copying it to somewhere else on the server. I recently made a full backup which after compression amounted to 2.5Gb and took me 6.5 hours to copy to my own computer ... So that solution doesn't seem practical for the binlog backup.Should we rent another server somewhere? Is it possible to find a server like that really cheap? Or is there some other solution? What are other people's MySQL backup practices?
View 8 Replies
View Related
May 9, 2010
Using slackware 12.2, xfce, Firefox 3.0.16 and for the past few days i have been getting Persistent System Security Window that looks like MS Firewall and you can't click on the X or Cancel because then it activates a so called security analysis with green progress bar. I open a terminal real quick and issue pkill firefox command.I have been trying to get to the basicconfig site to follow tutorial on firefox security update but that window keeps comming back.I emptied out my /tmp files but i am still having same problem and don't know what to do
View 4 Replies
View Related
Jun 16, 2010
Just wanted to share a script that I wrote to migrate data off of a Time Machine backup. As anyone who's tried this knows, it's not straightforward because most directories are pseudo-hardlinked according to some hare-brained scheme Apple came up with. (Hard-linked directories actually show up as zero-length regular files with bizarre link counts greater than 128. The link count corresponds to a directory called "dir_$N" (where $N is the link count) inside of a special directory at the root of the Time Machine volume called ".HFS+ Private Directory Data^M" (where the ^M is a literal carriage-return character).)
Here's the script (it's also attached, for convenience). It works pretty much the same as "rsync -av <SRC_DIR> <DST_DIR>" would, if the pseudo-hardlinks weren't in the way. In other words, it just recursively copies the first directory to the second. So the first argument (the source directory) is typically something like
/media/<TIME_MACHINE_VOLNAME>/Backups.backupdb/<HOSTNAME>/Latest/<VOLNAME>
if you want the entire latest backup. It can also be a relative path, if you've already changed to a directory inside the backup.
[Code]....
View 2 Replies
View Related
Oct 15, 2010
I've been having terrible trouble with my 64bit Desktop v10.04 ever since I upgraded it. Has been a long battle - but I think I have it down to just one remaining issue which I suspect is more related to the network than to the upgrade. So I'll ask here also... The old system always used grub as the bootloader, and has always worked just fine. I have now had to do a complete fresh install, which incorporated a change to grub2 (first time I have used it).
It would seem now, that grub2 is unable to deal with mounting the samba shares on my lan at boot time. The boot always fails, dumping the user to the cli rather than the gui desktop. The error given indicates that the network is unreachable. Most users of the system have given up on Ubuntu altogether because of this, and fallen back into the clutches of the evil empire (the machine dual boots XP). If I log in, and manually startx to open the desktop, the network is there, and the shares are mounted just fine. Everything seems to be working ok - but for crashing out of the boot process with network errors. The fstab file follows, in case there is some cause there I'm not seeing (I have edited names and passwords prior to posting)...
[Code]....
View 4 Replies
View Related
Jul 25, 2011
For about a week now I've been seeing mass attempts to relay through postfix and login to dovecot from the same 2 addresses, none are successful due to how postfix/dovecot are configured and I wouldn't be overly worried but my isp have picked up on it and are nagging at me
What ways do people go about just dropping connection attempts from offending addresses/ranges when stuff like that happens? An ideal thing would be something that detects repeated failed attempts from a host or range and subsequently ignore/ban them, perhaps for a specified length of time, something along the lines of denyhosts and fail2ban for ssh would be great Don't know if there's anything out there or just a plain tried and trusted method anyone might use for stuff like this, if not a hint on the most appropriate way to go about it 'manually' would do
View 9 Replies
View Related
Jun 14, 2010
Newbie here,
I'm thinking of moving mostly to linux to get away from the security holes in Windows. And I have some questions...
How secure is Firefox for doing online banking?
Sometimes I have run into a situation where the bank doesn't support anything but Windows explorer when accessing my accounts. Can this be gotten around safely in Linux?
If so, How?
View 9 Replies
View Related
Aug 16, 2010
There is a lot of talk regarding the Zeus Trojan at the moment.
Are we safe if we use The Live CD and Firefox?
View 7 Replies
View Related
Apr 11, 2011
I followed instructions for installing vidalia and polipo and everything seems to be working ok, but I cannot connect to tor from firefox using torbutton. I didn't edit configurations other than downloaded those for polipo, as described in the link above.I read that somebody got it working with foxyproxy better than torbutton, but torbutton is customised specifically to enhance tor, so I'd prefer to use it unless there issomething better.torbutton test fails with: Quote:Tor proxy test: Local HTTP Proxy is unreachable. Is Polipo running properly?Message log from tor:
Code:
Apr 11 00:39:51.187 [Notice] Tor v0.2.1.30. This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686)
[code]...
View 5 Replies
View Related
Dec 17, 2010
I'm using ubuntu 10.10. I heard about BFS kernel patch, that this patch has great improvement for desktop systems.
Now, I have this question: Do developers of linux kernel(kernel.org) apply these kinds of patches to kernel source for next releases? if no, how can I apply this patch to my ubuntu kernel?
View 1 Replies
View Related
Mar 10, 2010
I just loaded ubuntu 9.10 on my laptop. Toshiba it loaded fine. So I ran update on the system and it updated to teh 9.20 kernel (dont remember act numbers) But now it wont reboot.
I get udevadm trigger is not permitted while udev is inconfigured udev settle is not permitted while udev is unconfigured
svgalib: Cannot open /dev/mem Gave up waiting for root device. Common problems:
-Boot args (cat /proc/cmdline)
- Check rootdelay= (did the system wait long enough?)
- Check root= (did the system wait long enought for device?)
- Missing modules (cat /proc modules; ls /dev)
ALERT! /dev/disk/by-uuid/e1768deb-95e0-44bd-96b0-b725c73d42af does nto exist. Dropping to a shell
Busy box v.1.13.3 (Ubuntu 1:1.1.13.3-1ubuntu7) built in shell (ash) Enter help for a list of built-in commands (initranfs)
edit: Kernel 2.6.31-20-generic. It had kernel 2.6.31-14-generic I was able to boot back into the old kernel.. so whats happening? why wont the upgraded kernel work?
View 8 Replies
View Related
Jan 12, 2010
im using firefox 3.5.7 with ubuntu 9.10 but firefox since 3.5.6 and 3.5.7 keeps crashing a lot-just now it crashed my entire system-the whole screen went black. So to that end is use of opera or chrome secure for ubuntu?
View 9 Replies
View Related
Mar 25, 2010
Having read how a private company is providing governments (and probably criminals) with a box that can listen in on SSL traffic by the use of forged CA certificates - [URL]. It turns out there's already a forged certificate in Firefox 3.6.
Go to Edit>Preferences>Advanced>Encryption>View Certificates and look for 'Equifax Secure Inc.' - You should see a proof-of-concept rogue certificate called 'MD5 Collisions Inc.' and a link to phreedom which explains the method used to generate it. That little lock doesn't necessarily mean that you're safe...
View 4 Replies
View Related
Apr 28, 2010
Anyone set up an Apparmor profile for Firefox?
View 9 Replies
View Related
Jun 6, 2010
I don`t know how did that happen but now after reboot my firefox starts with pocker and porno web-pages. I don`t play pocker, never did. Yes, a couple of times I did watch... But I didn`t install or change anything (extentions or add-ons) in firefox. I acrually didn`t change anything in system and now firefox starts up with those adverts. In settings of firefox I have "show last opened pages". Of course I didn`t close ever my firefox with a couple of adverts. And it does only after reboot. So, if I close it now and open again it will show the last pages. But after reboot ... Well, if I saw something like that in windows I`d think that there is a virus or something else like adverts-virus but I`m in kubuntu. Kubuntu 10.04.
View 4 Replies
View Related
Jul 11, 2010
For a while now, firefox has been prompting gnome-keyring (twice)
There is one applet i know of on my system that wants me to enter my keyring pw twice "CPU Frequency Scaling Monitor" (i have a core2-duo cpu, a monitor for each cpu), but i have no clue why ff would be invoking a change in how ubuntu controls that app.
Is there any way of finding out, which application (or perhaps an add-on?) is actually asking for my keyring-pw (the input window just says "an application..." not like e.g. "synaptic package manager...".
View 4 Replies
View Related
