For the first time in 3 years I am installing firefox from the moz site
and uninstalling the ebuild - I recommand everyone do that ASAP until the
gentoo devel wake up and realize how serious this is and fix the ebuild.
You know, you are more than welcome to contribute an ebuild for the new
firefox rather than bitching that we're too slow. As for why we're so slow
(as you put it...didn't the new version just come out yesterday?), the
primary maintainer for all of the Mozilla stuff (firefox, mozilla, seamonkey,
thunderbird, etc.) quit about 2 weeks ago. We've been trying to find someone
to step up and take permanent maintainership, but until then, the "backup
maintainers" are busy people and will get to it when they have time.
I don't believe that I was 'bitching'. I was merely stating that this was
a serious issue and that it should be addressed as soon as possible.
I have complete empathy for the situation, however no distro (commercial
or community based) can simply use as an excuse that the person who is
responsible is gone/on vacation/insert reason for not being there. This
isn't a new feature request, this is a major vulnerability we are talking
about.
Not only will gentoo suffer because the users will be affected by this,
yet one of the major benefits of an open-source os such as gentoo/linux is
that responses to security holes are generally very quick (this is often a
comparison point between linux and windows).
- Rod
--
gentoo-security@gentoo.org mailing list
