If possible, it would be better to switch to Palemoon or SeaMonkey.bw123 wrote: Do you think you could downgrade? The old ver is still in the repo I just checked...
Phil
If possible, it would be better to switch to Palemoon or SeaMonkey.bw123 wrote: Do you think you could downgrade? The old ver is still in the repo I just checked...
I've been trying to find out why, if you have time can you explain a little better?pcalvert wrote:If possible, it would be better to switch to Palemoon or SeaMonkey.bw123 wrote: Do you think you could downgrade? The old ver is still in the repo I just checked...
Phil
You are unconcerned person. A cultured person will not write this.M51 wrote:Just did an apt-get upgrade on Stretch and got my Firefox replaced with the new Quantum bullshit...and all my add-ons are gone.
Maybe, but downgrading is not officially supported by the Debian by design. It should be done only as a part of emergency recovery process.M51 wrote:I can downgrade.
I'm fairly certain that's restricted to Firefox.Head_on_a_Stick wrote:Does Palemoon offer e10s?
Wrong on all counts. I've long been aware of Firefox Quantum's chicanery and yes the issue is Debian's fault for reasons I'll explain.milomak wrote:so the op failed to do his research about firefox and this is debian's fault
Non-sequitur. User settings are an integral portion of system security.milomak wrote:you are conflating your personal options with the security of a bare esr 52 and esr 60
that is debian's responsibility
please detail how esr 60 without add ons is more compromised that esr 52?
Who suggested that? It isn't necessary. Debian packages have the ability to display important messages to users during updates. That is precisely something the maintainer would have sole control over.debiman wrote: i wouldn't expect debian maintainers to rewrite firefox just for that.
No they aren't. (xul-ext-noscript, xul-ext-useragentswitcher, xul-ext-requestpolicy, etc.)debiman wrote: those addons are completely outside debian's package management...
Meaningless strawman. What elephant would that be, exactly?debiman wrote: nah, this is still a fly, you won't be able to make an elephant out of it.
Dai_trying wrote:I think a refund is in order here, you should write to the developers and request this, I am sure they would oblige.
Try pinning it, see apt_preferences(5) for the method.Caitlin wrote:Iis there some way to upgrade my system EXCEPT FOR FIREFOX?
Code: Select all
/etc/apt/preferences
Code: Select all
Package: firefox*
Pin: *
Pin-Priority: -5
When I want to keep a package I doCaitlin wrote: I just want to keep what I've got for the time being.
Code: Select all
sudo apt-mark hold <package-name>
(1) But this is not Debian's fault, there is nothing EXPLICITLY stated that removes user's add-ons, Debian devs never said/wrote any code that could be translated to "Hey, let's remove all user's add ons"Removing add-ons unquestioningly also creates security problems.
The source of information was there a long time ago, as another user said earlier, that upgrade WAS in fact announced.firstly: Doing apt-get upgrade on a stable system should not leave a system in a less secure state ***WITHOUT INFORMING THE USER***.
Code: Select all
apt-listchanges
In that case Debian devs shouldn't research every user they have, it is equally stupid to maintain an EOL version for 1 or 2 users that won't affect debian if they leave out of millions our there who do searchNo one should need to research every package update in stable. To insist that is to be stupid and/or disingenuous.
CVE's are not the only concern on EOL versions, there could be some other issues like compat versions between extensions, dependencies & even web standards (Look at promises on Palemoon).1) Continue with the current version and take the responsibility for patching the vulns.
me neither.I do not blame Debian for not pursuing this path.
Again, that "vulnerable" state you're talking about is very relative in your case, if you claim to browse with all those extensions & proxies then YES, you are in a higher security level and extensions not working could decrease it, unfortunately not all users browse that way, in face if we put ourselves in their shoes then we could add a fancy dialog informing them that they have a much secure browser.Update the version and during the upgrade inform the user that their system will be left in a vulnerable state until action is taken.
Also the user's fault for not reading in this case, besides the maintainers fix issues when they can, and they mostly package & patch, if there are still doubts please return to (1).Unfortunately, option two was chosen but no notification given. This is a failure of the Debian maintainer's making. The bug that bw123 linked to only reinforces this.
These aren't the Arch or the Fedora Forums, If you don't like the way Debian works you can always switch distros.I'd really expect this in something like Arch, or Fedora, but not Debian. Well, not until now...I guess I do now.