I know that we are just finishing the end-of-2006 holidays, but seeing no confirmation that this bug report has been read 17 days after the Mozilla Corporation release of a security fix is discouraging.
I would like to offer Ubuntu / Kubuntu to computer-naive friends and relatives, but half the point is to help the friends and relatives escape the security holes of other operating systems. These are people who would need updates that they could download and install without Information Technology skills and without my help. If Ubuntu can't keep up with security updates to the Ubuntu-customized version, would it make sense to (1) do without the customizations entirely or (2) offer an additional Firefox package that omits those customizations for people who would go without additional features in order to obtain more rapid security updates? For readers who can't or won't wait: Daniel Robitaille's instructions for manual installation of Mozilla.org's package of Firefox 1.5.0.9 are available at http://robitaille.wordpress.com/2006/12/29/how-to-install- firefox-from-mozillaorg-via-the-command-line-in-ubuntu/ . ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2006-6077 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2006-6500 -- Firefox 1.5.0.9 still missing in Dapper https://launchpad.net/bugs/77333 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
