Change History (12)
comment:1 by , 21 months ago
comment:2 by , 21 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
| Summary: | firefox-115.0 → firefox-115.0esr |
Was able to get back to my machines an hour or so ago (muscle problems). 115.0esr has been made available, ordinary 115.0 has not yet shown up, nor 102.13.0esr (for JS). The differences between 115.0esr and 115.0 (based on the candidates) seem to be confined to mozilla's own scripting.
Changing the title and taking this.
Strange, they did a similar early availability of 102.12.0.
comment:3 by , 21 months ago
The major dependency changes for this new esr series are:
icu >= 73.1
nss >= 3.90.0 (with patch for intel haswell and earlier, unsure if the binary versions of 115.0 and 115.0esr will actually run on those machines)
rustc >= 1.66.0
comment:4 by , 21 months ago
Please note we should use firefox-102.13.0esr for JS102, but neither that nor non-esr firefox-115.0 seem to have been released yet.
comment:5 by , 21 months ago
102.13.0esr and vanilla 115.0 were released this morning (british time). Release notes now available for 115.0 (esr should be identical for all practical purposes, it just contains some changes for mozilla's own scripts re releases etc.
A point to note for anyone using firefox in a VM is that Mesa drivers on virtual machines are now blacklisted (i.e. no acceleration) because of https://bugzilla.mozilla.org/show_bug.cgi?id=1815481.
For 115, Hardware video decoding is now enabled for Intel GPUs on Linux.
Security fixes in 115.0 (compared to 114.0) are at https://www.mozilla.org/en-US/security/advisories/mfsa2023-22/, some rated as High including various memory safety bugs common to 114.0 and 102.12.0, as well as others specific to 114.0
Security fixes in 102.13.0 are listed at https://www.mozilla.org/en-US/security/advisories/mfsa2023-23/, some rated as High.
For firefox-102.13.0 the firefox-102.12.0-consolidated-1 patch applies and fixes problems from LLVM-16 (but on such a recent LLVM it makes sense to upgrade to 115.0esr), as does the firefox-102.12.0-ffmpeg_6-1.patch.
If you are on an older system where rustc is too old for 115.0 you could update to 102.13.0 to pick up the securilty fixes whilst planning your update to 115.0.
comment:6 by , 21 months ago
| Priority: | normal → elevated |
|---|
comment:7 by , 21 months ago
Just updated rust to 1.70.0 and icu to 73.2, seems ok for 115.0 now. Now, let's see how that build works.
comment:9 by , 21 months ago
Security Advisory SA 11.3-048 created. Leaving open for the moment, because in normal times I would have already tested updating to 115esr on my oldest supported systems (I think I've still got one 11.0) and it might be that updating rust needs a newer LLVM with potential issues. If so, I'll note the details in the ticket - might take a few days.
comment:10 by , 21 months ago
One of my two old BLFS-11.1 systems needed a newer rustc, 1.70.0 needs LLVM >= 14 : LLVM-16.0.5 built ok with gcc-11.2.0 (did not run tests).
comment:11 by , 21 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Same for my last LFS-11.0 system, so upgrading such old systems to 115esr is possible, but slow.
Seems like it hasn't really been released yet. Although the source is on archive.mozilla.org, there is no announcement or entry on the release calendar https://wiki.mozilla.org/index.php?title=Release_Management/Calendar&redirect=no It looks like the source release was a mistake, perhaps we should wait until the planned release date of July 4th?