Opened 17 years ago

Closed 17 years ago

Last modified 17 years ago

#2218 closed task (fixed)

Firefox-2.0.0.1

Reported by: dnicholson@… Owned by: dnicholson@…
Priority: normal Milestone:
Component: BOOK Version: SVN
Severity: normal Keywords: firefox
Cc:

Description

Change History (10)

comment:1 by Luca, 17 years ago

To maintain coherency with other packages than can be localized (with instrs. or comments already in the book, example OpenOffice), and as per some comments with Dan, Firefox and the other Mozilla-based packages (Thunderbird, Seamonkey, Mozilla and NVU based on some build I made, haven't tried other), here are some infos about localization:

In the .mozconfig file created as per book it's possible to add the following two lines:

ac_add_options --enable-ui-locale=<ll>
mk_add_options MOZ_CO_LOCALES=<ll>

and change the build command to:

make -f client.mk checkout build

to build localized versions (checkout is needed to download localized files). According to [path-to-sources]/mozilla/toolkit/locales/all-locales working and integrated locales are: cs, el, fi, fr, ga-IE, he, hu, it, nb-NO, nl, pl, ro, sv-SE, ru; missing localizations can be done manually by simply translating the stuff from original American-English to the desired one (example: I installed Thunderbird-2.0a1 localized but since it-sources are not available I translated by myself EN-US ones to it and placed them in [path-to-sources]/l10n/it hierarchy, used the same commands and now I use Thunderbird in italian). If the localization isn't avaible and you translated by yourself/someone else translated for you or you have it already in place the "checkout" can be removed from the build command. The localized files may have a different version number (example: Firefox-2.x uses it "langpack" 1.8.1 so it is worth to take a look before building to avoid missing xul references and so on). These infos apply to 1.5.x versions too.

in reply to:  1 ; comment:2 by dnicholson@…, 17 years ago

The checkout requires CVS, correct?

in reply to:  2 comment:3 by Luca, 17 years ago

Replying to dnicholson@linuxfromscratch.org:

The checkout requires CVS, correct?

Yes, cvs is required to download sources.

Doh, I just re-read what I wrote and there are some unclear things... it should have been written: Firefox and the other Mozilla-based packages (...) can be built localized, here are some infos about localization

comment:4 by Randy McMurchy, 17 years ago

Milestone: future6.2.1

comment:5 by Ag. Hatzimanikas, 17 years ago

Version increment to 2.0.0.2

Fixes the serious "location.hostname" security flaw. (1)

You can find if your version of firefox is vulnerable in the following link (2),where you can also follow instructions for a workaround,if you are not wishing to upgrade.

I am upgrading now to the new version,although I am not really qualified to comment about the build procedure since I deviate in some ways from the book.

Release notes. http://www.mozilla.com/en-US/firefox/2.0.0.2/releasenotes/

  1. https://bugzilla.mozilla.org/show_bug.cgi?id=370445
  1. http://lcamtuf.dione.cc/ffhostname.html

comment:6 by dnicholson@…, 17 years ago

Owner: changed from blfs-book@… to dnicholson@…
Status: newassigned

Yikes. If anyone is reading this and already has 2.0.0.1 installed, you can very likely use the same commands to install the new version. The Firefox folks are very conservative about what gets applied to the same patchlevel. Usually, the build fixes have to wait for the next major or minor version.

comment:7 by bdubbs@…, 17 years ago

seamonkey-1.1 is also vulnerable as shown in the link Ag gave, but I didn't see a fix released yet.

in reply to:  7 comment:8 by Ag. Hatzimanikas, 17 years ago

Replying to bdubbs@linuxfromscratch.org:

seamonkey-1.1 is also vulnerable as shown in the link Ag gave, but I didn't see a fix released yet.

Yes it makes sense since they share the same code. I will reopen the ticket and make a build with the patch from the aforementioned bug in bugzilla.

The workaround seems to work however.

Replying to dnicholson@linuxfromscratch.org:

If anyone is reading this and already has 2.0.0.1 installed, you can very likely use the same commands to install the new version.

That's true. I did two upgrades in 2 different machines without any problem.

comment:9 by dnicholson@…, 17 years ago

Resolution: fixed
Status: assignedclosed

Fixed in #6758. As for the --enable-ui-locale stuff, it's on the wiki, and I think that's the only place it can be since it requires CVS.

comment:10 by (none), 17 years ago

Milestone: 6.2.1

Milestone 6.2.1 deleted

Note: See TracTickets for help on using tickets.