Re: Security update of firefox-esr for Wheezy
On Fri, Sep 02, 2016 at 01:26:05AM +0200, Emilio Pozuelo Monfort wrote:
> On 08/08/16 10:20, Raphael Hertzog wrote:
> > On Mon, 08 Aug 2016, Emilio Pozuelo Monfort wrote:
> >>> Shall we mark gcc-4.8 as unsupported in wheezy, explaining that its only
> >>> purpose is to enable build of other packages?
> >> That would make sense.
> >> I'll see if I can take a look at this.
> > The problematic part is likely libstdc++. I would expect the new gcc to
> > assume that you have the corresponding libstdc++.
> > Mike once told that Firefox has special code to avoid the increased
> > dependency but that might not be the case of other packages that we might
> > want to build with a newer gcc.
> I had a look at this. Matthias pointed me to gcc-mozilla from Ubuntu, which is
> GCC 4.8.4 shipped in one package. I built that for Wheezy, then built
> firefox_49.0~b1-1 using that. I had to disable PIE, but other than that it built
> fine and seems to work well. So I think we could go this route.
> For GCC at least we need to drop the gfdl bits, and we may want to update to
> 4.8.5, but in general it seems to work well. I was hitting a build failure that
> I could workaround by using an interactive shell. No idea if it's a pbuilder
> problem or what. That would need a little investigation.
> For Firefox, I didn't look much at the PIE issue. I just saw that it fails on a
> simple configure test when enabled, at the linker stage. With pie disabled,
> everything went well.
That sounds great. Did you put the packages somewhere? I don't think we'll
run into any extra issues with Icedove but it might be worth checking
this out before the current ESR versions go EOL.