Unable to open tar.gz
NoOp
glgxg at sbcglobal.net
Thu Sep 13 18:28:52 UTC 2007
On 09/12/2007 10:26 PM, Mario Vukelic wrote:
> On Wed, 2007-09-12 at 19:13 -0700, NoOp wrote:
>> The problem with that is that on Feisty Synaptic only installs version
>> 1.5 which has some serious outstanding security issues. See:
>>
>> http://www.mozilla.org/projects/security/known-vulnerabilities.html
>> http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird
>>
>> Supposedly Ubuntu's releases claim to fix security issues in whatever
>> version they offer in the repos (and this would include 1.5), however in
>> such cases I tend to lean toward installing releases via the vendor.
>
> Don't needlessly scare the OP. For one, the site you linked to shows not
> a single outstanding fix in Thunderbird 1.5. In addition, is needlessly
> alarming to phrase it as you did "claim to fix security issues". It is a
> long-standing Debian tradition to backport security fixes to the stable
> release, and Ubuntu just follows this tradition with good reason: it is
> the only way to guarantee a secure AND stable environment in a stable
> release. There is no case I would have heard of in nearly a decade where
> this practice failed. Plus, it is not a questions of blind trust, you
> can compare the Ubuntu and Mozilla security announcements and read the
> Ubuntu patches if you are concerned.
> https://lists.ubuntu.com/archives/ubuntu-security-announce/
>
>
You are of course correct... very bad choice of words on my part & for
that I do apologize. That said, I do prefer to install stock Mozilla
programs.
More information about the ubuntu-users
mailing list