[blfs-dev] HEADSUP - Firefox Addons Bug Fixed
Hi folks, On May 4th, 2019, a bug surfaced in Firefox related to Addons. This was due to an internal certificate that expired, and was not renewed by Mozilla until problems were already present. The initial fix was deployed on May 5th, 2019, through a patch in Mozilla's Studies system. This fix expires soon, so we highly recommend updating to 66.0.5 or 67 whenever it comes out. Once that fix expires, versions 66.0.4 all the way down to 52 (when the certificate was introduced) will stop working with any addons or extensions that you have installed. Other reports on Mozilla's bug tracker say that SSL support will be broken as well. We highly recommend updating to Firefox 66.0.5 or later. On an 8.4 system, I can confirm that it works perfectly without any updates. That's not to say that I wouldn't recommend updating certain dependencies such as node.js, SQLite, NSS, NSPR, Harfbuzz, and wget though, due to security vulnerabilities that have since been patched. Note that Firefox 66.x fixes a lot of vulnerabilities over 65.0.1 as well. Rust-1.32.0 and LLVM-7.0.1 should be perfectly fine as well. An errata entry will be published to document this fix. Thank you, Douglas R. Reno -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [systemd] Add a warning about /run/nologin in shadow
On 5/12/19 1:48 AM, Xi Ruoyao via blfs-dev wrote: On 2019-05-12 13:10 +0800, Xi Ruoyao via blfs-dev wrote: On 2019-05-11 16:07 +,DJ Lucas via blfs-dev: Note that the root user can always login, regardless of /run/nologin. I think I've tried to use root but it didn't work... Let me retry. You're right. When I tried to login as root, though the warning showed up, I could continue to login. Maybe I rebooted the system just after seeing the warning before. Updated the note in r21583. However, `echo 'rm -rf /run/nologin' > /lib/systemd/systemd-user-sessions` really won't work. I created a PR making systemd not to create /run/nologin if PAM is not enabled at build: https://github.com/systemd/systemd/pull/12543 Thanks for this, I'll login to GitHub and +1 it. I'm listed as the maintainer of LFS systemd in their MAINTAINERS file, so this might get up to the top of their queue faster. -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [systemd] Add a warning about /run/nologin in shadow
On 5/12/19 1:48 AM, Xi Ruoyao via blfs-dev wrote: On 2019-05-12 13:10 +0800, Xi Ruoyao via blfs-dev wrote: On 2019-05-11 16:07 +,DJ Lucas via blfs-dev: Note that the root user can always login, regardless of /run/nologin. I think I've tried to use root but it didn't work... Let me retry. You're right. When I tried to login as root, though the warning showed up, I could continue to login. Maybe I rebooted the system just after seeing the warning before. Updated the note in r21583. However, `echo 'rm -rf /run/nologin' > /lib/systemd/systemd-user-sessions` really won't work. I created a PR making systemd not to create /run/nologin if PAM is not enabled at build: https://github.com/systemd/systemd/pull/12543 It looks like a simple sed if upstream doesn't respond. -- Bruce -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [systemd] Add a warning about /run/nologin in shadow
On 2019-05-12 13:10 +0800, Xi Ruoyao via blfs-dev wrote: > On 2019-05-11 16:07 +,DJ Lucas via blfs-dev: > > Note that the root user can always login, regardless of /run/nologin. > > I think I've tried to use root but it didn't work... Let me retry. You're right. When I tried to login as root, though the warning showed up, I could continue to login. Maybe I rebooted the system just after seeing the warning before. Updated the note in r21583. However, `echo 'rm -rf /run/nologin' > /lib/systemd/systemd-user-sessions` really won't work. I created a PR making systemd not to create /run/nologin if PAM is not enabled at build: https://github.com/systemd/systemd/pull/12543 -- Xi Ruoyao School of Aerospace Science and Technology, Xidian University -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
