On Sat, Nov 24, 2012 at 12:03:09PM +0100, Landry Breuil wrote: > Hi, > > i'd like to remove www/firefox35 from the ports tree : > - it's been EOL'ed upstream since 18 months, and thus receives no > security updates. I have no idea if there are users of this port still > around. > - it was originally kept in the tree because it was the only version > working with the java plugin from devel/jdk/1.6, but the java plugin > is known for an enormous amount of security vulns those days, and i > think 1.6 doesnt receive security updates regarding this (kurt ?) > Firefox blocks it by default, see > http://blog.mozilla.org/addons/2012/04/02/blocking-java/ and > https://addons.mozilla.org/en-US/firefox/blocked/p80. I havent > personally tested that. > - those days we have www/icedtea-web, which apparently works not so > badly, and is maintained. > > So, unless someone steps up with a valid usecase (ie 'my java applet used > by thousands of users work in the old crusty insecure java plugin and not > icedtea-web'), i'd like to remove www/firefox35. > > Opinions ? Yays ? > > Landry > > (of course, www/firefox36, even if EOL'ed upstream too, stays for sparc64.. > sigh.) >
I was just about to complain because of sparc64 ;) Since we still have ff 3.6, I'm all for removing 3.5.
