Unable to open tar.gz

Mario Vukelic mario.vukelic at dantian.org
Thu Sep 13 05:26:57 UTC 2007

On Wed, 2007-09-12 at 19:13 -0700, NoOp wrote:
> The problem with that is that on Feisty Synaptic only installs version
> 1.5 which has some serious outstanding security issues. See:
> http://www.mozilla.org/projects/security/known-vulnerabilities.html
> http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird
> Supposedly Ubuntu's releases claim to fix security issues in whatever
> version they offer in the repos (and this would include 1.5), however in
> such cases I tend to lean toward installing releases via the vendor.

Don't needlessly scare the OP. For one, the site you linked to shows not
a single outstanding fix in Thunderbird 1.5. In addition, is needlessly
alarming to phrase it as you did "claim to fix security issues". It is a
long-standing Debian tradition to backport security fixes to the stable
release, and Ubuntu just follows this tradition with good reason: it is
the only way to guarantee a secure AND stable environment in a stable
release. There is no case I would have heard of in nearly a decade where
this practice failed. Plus, it is not a questions of blind trust, you
can compare the Ubuntu and Mozilla security announcements and read the
Ubuntu patches if you are concerned.

More information about the ubuntu-users mailing list