Ubuntu falling behind?

Sun Jun 27 22:51:12 UTC 2010

On Sat, 2010-06-26 at 09:37 +1000, Chris Jones wrote:
> I have to wonder whether Ubuntu updates are falling behind as time
> goes on. It's now a good few days since Firefox 3.6.4 was released,
> yet Ubuntu's version still sits at 3.6.3 for some odd reason. Yet I
> can boot up my neat and trusty little Tiny Core Linux cd and to find
> that even that has 3.6.4 in it's local mirror. What takes Ubuntu so
> long to get updates? And in particular FF updates.
> 
> Regards
> 
> 
> -- 
> Chris Jones
> Photographic Imaging Professional and Graphic Designer
> ABN: 98 317 740 240
> 
> Photo Resolutions - Photo Printing, Editing and Restorations
> Web: http://photoresolutions.freehostia.com
> Email: <chrisjones at comcen.com.au> or <ubuntu_cj at comcen.com.au>
> 
Hi,

We generally try to release Mozilla updates without too much delay after
the official upstream release. However, the decision on when to release
to the archive is balanced between the need to protect users from
security vulnerabilities and the need for thorough testing, to ensure
that the upgrades are regression free and don't cause other problems for
our users. Remember that we don't just distribute Mozilla binaries, so
the packages we distribute may be affected by packaging or build issues
which don't affect the binaries that Mozilla distribute.

There are many reasons we might delay publishing the update - we might
find an issue during testing which means we can't release it to the
archive. 

In the case of the 3.6.4 update, the delay is because we are in the
process of updating all Ubuntu releases to 3.6.4 and we have been trying
to avoid releasing the new version on each of the different Ubuntu
releases at different times. Updating Hardy, Jaunty and Karmic to 3.6.4
is quite a substantial amount of work (we have to update and test all of
the extensions we ship in the archive, port and test xulrunner
applications which handle insecure content to the latest version and
test a whole bunch of other applications using xulrunner to make sure
that they still work properly after the update).

There is only a small number of people involved with this work at the
moment, but anyone can get involved by helping test the updates (and we
need more people testing these updates for Jaunty and Karmic right now).
Calls for testing have already been sent out (see [1], [2] and [3]). In
addition to this, we normally provide beta test packages of the next
Mozilla update in the ubuntu-mozilla-security PPA [4], and we encourage
users to get involved with testing those updates and reporting issues.
You can get the 3.6.4 release already from this PPA if you can't wait
for it to be copied to the archive (it will actually be updated to 3.6.6
when I start work again tomorrow, and these packages will almost
certainly be the final versions that we copy to the archive, unless we
discover any last-minute surprises).

I'm sorry you have the perception that we are falling behind, but I hope
my e-mail has cleared up some of your concerns, and I hope you
understand that the current situation is quite unusual.

Regards
Chris Coulson

[1] -
https://lists.ubuntu.com/archives/ubuntu-devel/2010-June/030811.html
[2] -
https://lists.ubuntu.com/archives/ubuntu-devel/2010-June/030906.html
[3] -
https://lists.ubuntu.com/archives/ubuntu-devel/2010-June/030941.html
[4] - https://launchpad.net/~ubuntu-mozilla-security/+archive/ppa
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20100627/cf791fdd/attachment.sig>