help-gnuzilla
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Release Up-to-date Version

From: jahoti
Subject: Re: Release Up-to-date Version
Date: Thu, 8 Apr 2021 22:46:00 +0000
Disclaimer: I am not an IceCat developer, never have been, and don't follow development all that closely. 

On 4/8/21 6:24 AM, Not Unix via help-gnuzilla wrote:

Hi!

IceCat isn't packaged for my distribution, so I visited 
https://www.gnu.org/software/gnuzilla/, expecting to download an up-to-date 
release.

However, it seems like the release hasn't been updated since 2019.




Wouldn't this pose a security threat? Has there been no security update since 
version 60.7?
There have been security updates: I don't know whether any of them address issues with 60.7.0, however, or if they would affect IceCat as well. If you or anyone else have the time, expertise and interest, Mozilla publishes patched issues at https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ . It'd likely be best to start from 61 and work upwards investigating, as earlier fixes are more likely to address problems that were present in that release. 


When I visited the Git repository, it seemed like IceCat is still being "worked 
on". Why doesn't GNU release an up-to-date version, then?
Releasing a new version would require a significant commitment of resources. Firstly, it would demand freezing a version of the codebase for release, so that either two separate branches would need to be kept up-to-date at least until release or any updates other than bug fixes would need to be suspended. There would then need to be testing and adjustment of numerous minutiae to ensure everything was publication-ready, perhaps some additional rigorous testing, and finally the lengthy and resource-heavy job of compiling the entire monstrosity that is a modern web browser.
The IceCat development team appears to have been very thinly stretched for a few years now, and I would suspect they simply can't afford to do all of the above in a timely manner. 


  Even if you do not want to release an up-do-date version, if there are any 
security issues with 60.7, please remove it from the download page.

Thanks!

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]