On Sun, 21 Jul 2013 01:13:42 +0200 (CEST) mikko.viinam...@students.turkuamk.fi wrote:
> I think it's very important to have all patches applied. But since the > details for at least the first CVE are not available, it's hard to evaluate > it. The details are also available at http://www.mozilla.org/security/announce/ All security advisories from MFSA 2013-49 to MFSA 2013-62 do apply to current Abrowser. > However, looking at this changelog [1] for 22, I see nothing too interesting > there, so perhaps the problems aren't relevant to Ubuntu and so to Trisquel. > > [1] > http://changelogs.ubuntu.com/changelogs/pool/main/f/firefox/firefox_22.0+build2-0ubuntu0.12.04.2/changelog Unfortunately the Ubuntu changelog doesn't mention security issues particularly. The last time a CVE was mentioned in the Ubuntu changelog was for Firefox 2.0 in the year 2006. So don't rely on Ubuntu changelogs when it comes to security. Debian changelogs usually are more reliable. Have a look at http://ftp-master.metadata.debian.org/changelogs//main/i/iceweasel/iceweasel_22.0-1_changelog