[Linux-aus] FireFox vs IceWeasel

Jeff Waugh jdub at perkypants.org
Tue Oct 24 15:38:04 UTC 2006


<quote who="Paul Wayper">

> So, can I just check one thing here.  These security updates - were they
> patches filed in the Mozilla Foundation's code control system (CVS or
> whatever) against bugs in their bugzilla database?  Or were these external
> patches applied 'in parallel' - i.e. the Mozilla Foundation was just too
> slow at applying security updates so the Debian and Ubuntu developers
> decided to take matters into their own hands?

Mozilla don't ship patches. They ship updates to the entire codebase as
minor versions. This is very troublesome for Linux distributors, but it is
of little concern to MoFo as their primary userbase is on Windows, for whom
they provide binary updates. *Any* changes to Firefox, security related or
not, require checking by MoFo engineers for trademark license compliancy.

This has been a problem for *every* Linux distribution, and the source of
much frustration. MoFo has made it very clear that they would far prefer it
if distributors shipped the Firefox binaries as shipped on firefox.com, and
that they took minor releases no-questions-asked as security updates, rather
than providing patches to the distributor-supported version.

Anyone who has been involved in distributing Firefox for a Linux distro will
tell you that these problems have been going on for ages now, and it's not
all roses.

(Have a look at the Mozilla security update history from Red Hat AS 2.1.)

- Jeff

-- 
linux.conf.au 2007: Sydney, Australia           http://lca2007.linux.org.au/
 
  "Elmo loves wasabi. That's why Elmo has no eyelids." - Elmo on Rove Live




More information about the linux-aus mailing list