From: »Q« <boxcars@gmx.net>
To: gentoo-user@lists.gentoo.org
Subject: [gentoo-user] Re: Is "-fomit-frame-pointer" a gcc default?
Date: Wed, 13 Jul 2016 17:21:49 -0500 [thread overview]
Message-ID: <20160713172149.4bc4ecbd@sepulchrave.remarqs> (raw)
In-Reply-To: 20160713205339.GA15734@waltdnes.org
On Wed, 13 Jul 2016 16:53:40 -0400
waltdnes@waltdnes.org wrote:
> On Tue, Jul 12, 2016 at 05:09:28PM -0500, »Q« wrote
> > On Tue, 12 Jul 2016 12:14:57 -0500
> > R0b0t1 <r030t1@gmail.com> wrote:
> >
> > > Pale Moon is routinely behind Firefox on security fixes (actual
> > > fixes, not wanking-in-a-corner fixes).
> >
> > Is anyone other than the Pale Moon team itself trying to track its
> > vulnerabilities? I could only find one CVE for it, from 2013.
>
> See http://www.palemoon.org/releasenotes.shtml with several mentions
> of CVEs and other security fixes. Given the amount of Firefox code
> still present "under the hood", many Firefox security fixes will also
> apply to Pale Moon.
Checking just a few, the Pale Moon team takes anywhere from a few weeks
to a few months to fix security vulnerabilities which have been
published and fixed by Mozilla. And other Firefox CVEs aren't
listed by Pale Moon, so it's tough to tell whether or not Pale
Moon is/was affected. Maybe their fork of Gecko has diverged too much
to easily port Mozilla's fixes, I dunno. But not to worry, they have a
FAQ.
Is Pale Moon safe to use?
Absolutely! Pale Moon is based on the Mozilla release source code
that has a large community of developers and security-aware people,
next to having seen over a decade of development by now. [...]
OTOH, when it suits him, Moonchild stresses how very different his
codebase is now from Mozilla's.
AFAICS, no one but the Pale Moon team is tracking Pale Moon
vulnerabilities. I dunno what to make of their claims that it's safe
to use.
prev parent reply other threads:[~2016-07-13 22:22 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-11 20:27 [gentoo-user] Is "-fomit-frame-pointer" a gcc default? waltdnes
2016-07-11 20:34 ` Michael Cook
2016-07-11 20:51 ` J. García
2016-07-11 23:48 ` Volker Armin Hemmann
2016-07-12 0:47 ` waltdnes
2016-07-12 1:23 ` J. García
2016-07-12 8:25 ` [gentoo-user] " Holger Hoffstätte
2016-07-12 20:54 ` [gentoo-user] " Fernando Rodriguez
2016-07-12 10:07 ` Andrew Savchenko
2016-07-12 10:52 ` konsolebox
2016-07-12 17:14 ` R0b0t1
2016-07-12 22:09 ` [gentoo-user] " »Q«
2016-07-13 20:53 ` waltdnes
2016-07-13 22:21 ` »Q« [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160713172149.4bc4ecbd@sepulchrave.remarqs \
--to=boxcars@gmx.net \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox