I see, thanks. I have rebuilt. I am on linux, I have used gcc 4.8.5 because that's what I have. It all seems OK sofar...
Frank-Rainer Grahl wrote: > The vulnerabilities in 60.1 are basically fixed in 2.49.4. 52.9 and 60.1 > did overlap. > > Support for 52 ESR has ended. 2.57 is not yet ready so I backported the > fixes for 60.2 which did apply. Bills build does contain them. ewong is > currently setting up a new infrastructure for SeaMonkey outside of the > mozilla infrastructure so 2.49.5 will be delayed. If you want them now > use Bills build or compile yourself from latest esr52 sources with the > fixes on Bills website. I was unable to backport 4 bugs because they > would need extensive refactoring. Looking at them I think they have a > minimum security impact and nothing I would or do worry about. > >> I think maybe it would be good to have a list of security vulnerabilities >> and where the fix is. > > I exported everything changes between 60.1 and 60.2. Tossed away patches > which were clearly not needed e.g. infrastructure only or for new > components. The result are the fixes named mozilla-esr60_xxxxx.patch > from here: > > http://www.wg9s.com/comm-esr/patches/mozilla-249/ > > The others are infrastructure or fixes from the previous shared > Thunderbird and SeaMonkey 2.49 branch. The ones starting with 9999999 > are private fixes not yet in any tree. The XP SP3 prerequisite patch > probably won't make it into any official tree ever. > > If you compile yourself you can now use VS2017 and latest Rust. For gcc > use gcc 5.xx for best results. > > FRG > > > Richmond wrote: >> Do these vulnerabilities apply to Seamonkey? (I think yes) Will they get >> fixed? >> >> https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/ >> >> I see this question was asked here: >> >> https://groups.google.com/forum/#!topic/mozilla.support.seamonkey/bt_sxMUd4Pc >> >> >> The answer was to go here: >> >> http://www.wg9s.com/comm-esr/ >> >> But where does this build come from? Maybe I need to get the source from >> hg and compile again? My build is from 3/August/2018. I think maybe it >> would be good to have a list of security vulnerabilities and where the >> fix is. >> _______________________________________________ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
