Re: [SECURITY] [DSA 5113-1] firefox-esr security update

To: Moritz Mühlenhoff <jmm@inutil.org>, debian-security@lists.debian.org, Friedhelm Waitzmann <fach220408.fwnsp@xoxy.net>
Subject: Re: [SECURITY] [DSA 5113-1] firefox-esr security update
From: Elmar Stellnberger <estellnb@gmail.com>
Date: Fri, 18 Nov 2022 16:41:03 +0100
Message-id: <[🔎] 6fa92d1e-c7de-46a2-6493-b6f9d260ebcc@gmail.com>
In-reply-to: <slrnt53uol.11a0.jmm@inutil.org>
References: <20220406171121.GA16045@seger.debian.org> <20220408115131.GK14078@kugelfisch.zuhause.test> <slrnt53uol.11a0.jmm@inutil.org>

Am 09.04.22 um 23:31 schrieb Moritz Mühlenhoff:

Friedhelm Waitzmann wrote:

For the oldstable distribution (buster), these problems have
been fixed in version 91.8.0esr-1~deb10u1.


  Where can I get this from for buster and architecture i386?
<http://security.debian.org/debian-security/dists/buster/updates/main/binary-i386/Packages.xz>
  does not have it.


The Firefox ESR91 series triggers an internal compiler error
with the GCC version included in Debian 10, so there's no build
available currently.

There's one for Debian 11 (where GCC builds it correctly), but
I'd instead suggest to switch to amd64 instead.

Cheers,
         Moritz


Hi Friedhelm, hi all Debian x86 fans,

The Firefox compile bug has already been resolved since some time forDebian 10 as it seems. Today it has updated from Firefox 102.4.0esr to102.5.0esr at me. It seems to be a Firefox only fix however, since gcchas not yet been updated for the 8 series. It is still gcc 8.3.0-6 andnot 8.5 or later. According to gcc developers only the latest of the 8series is up-to-date and supported.


Cheers,
Elmar

Reply to:

Next by Date: Debian Security Tracker - `no-dsa` Clarification
Next by thread: Debian Security Tracker - `no-dsa` Clarification
Index(es):
- Date
- Thread