# Firefox 3.6.3?

## ChrisJumper

Hi,

did somebody know when the new firefox will arrive in portage? Since the news, that there is a important security issue with firefox 3.6.2, i would like to update as soon as possible.

What about copy mozilla-firefox-3.6.2.ebuild to mozilla-firefox-3.6.3.ebuild, digest the it and try to update? Should it work?

Oh ok it will need a new version of xulrunner 1.9.2.3 which is still not in portage too.

What is the best way to "work around" this until the firefox is not in portage? Using another Browser for two days? Downloading the Linux-Version from the Website? Or create and digest an ebuild..? But when i do this, how should i do this?

Regards

Chris

----------

## XQYZ

Are you really that worried about things like this? Seriously I couldn't sleep at night if I had such worries. It's only been a couple of days and it will certainly sooner than later be fixed. After all it is not very likely to affect you in such a short period of time and if it did it will be most likely be "optimized" for Windows machines. If you are really worried about it mask 3.6 and go back to 3.5. Those were not affected afaik. However, those might have other flaws.

----------

## AllenJB

It's there now

----------

## robnotts

Doesn't compile, but it is there... https://bugs.gentoo.org/show_bug.cgi?id=313185. Am presently trying without the spell patch to see if that helps... will report back on the bug if any success.

----------

## Nerevar

As explained by that bug, the following allows it to compile:

```
# cat /etc/portage/env/net-libs/xulrunner 

EPATCH_EXCLUDE="1001_fix-system-hunspell.patch"
```

----------

## bigdweeb

What is the result of excluding that patch?  Does that mean no spell check?  I read through the bug report and it looks like a reference to mozHunspellDirProvider.h was accidentally omitted from a makefile somewhere.  Is that right?

----------

## ChrisJumper

Hi,

thank you Nerevar, with this exclude the build of xulrunner-1.9.2.3 work fine.

 *Quote:*   

>  Does that mean no spell check? 

 

No i still have Spellcheck here.

Edit: I suppose the Patch should apply to use the systems hunspell instead of an integrated package of mozilla/firefox? But don't know that i could use firefox with a systems hunspell, shared with other applications. I used/installed the "add-ons", that come through the web.

Edit2: About security, yes i am paranoid and i feel better if i had the newest Version of a Program, especially if there is huge security bug. I used Konqueror for the two days. I am so afraid of this cause its the program i mostly use wen the Computer is running. And i know there are many automatic methods to farm new Bots. You are right and they mostly design for Windows, but i know, that there are some Linux-Rootkits and trojan Programs. And so its not a big jump from adding these Packages to the Database that break Linux-Systems too. 

I just command to add app-forensics/rkhunter to your system and check it weekly.

But i still don't run the Firefox as another user... but i will do this if i had some time.Last edited by ChrisJumper on Mon Apr 05, 2010 6:13 pm; edited 1 time in total

----------

## sunoterra

can confirm that the work around works as suggested.  for those that need a little more direction, you will most like have to create the /etc/portage/env and the /etc/portage/env/net-libs directories (i use sudo to elevate my privs):

```

$ sudo mkdir -p /etc/portage/env/net-libs

```

then create a file named "xulrunner" and place the patch exclude directive in it:

```

$ sudo vim /etc/portage/env/net-libs/xulrunner

.

.

 1 EPATCH_EXCLUDE="1001_fix-system-hunspell.patch"

:wq

$

```

attempt the emerge again, and it should work.

the red squiggly lines all over this TEXTAREA tell me that the spell-check is indeed working well.   :Very Happy: 

```

aenea ~ # emerge --info

Portage 2.1.7.17 (default/linux/amd64/10.0/desktop, gcc-4.3.4, glibc-2.10.1-r1, 2.6.31-gentoo-r10-2 x86_64)

=================================================================

System uname: Linux-2.6.31-gentoo-r10-2-x86_64-Pentium-R-_Dual-Core_CPU_E5300_@_2.60GHz-with-gentoo-1.12.13

Timestamp of tree: Mon, 05 Apr 2010 12:15:02 +0000

ccache version 2.4 [enabled]

app-shells/bash:     4.0_p35

dev-java/java-config: 2.1.10

dev-lang/python:     2.6.4-r1

dev-util/ccache:     2.4-r7

dev-util/cmake:      2.6.4-r3

sys-apps/baselayout: 1.12.13

sys-apps/sandbox:    1.6-r2

sys-devel/autoconf:  2.13, 2.63-r1

sys-devel/automake:  1.9.6-r3, 1.10.3

sys-devel/binutils:  2.18-r3

sys-devel/gcc:       4.3.4

sys-devel/gcc-config: 1.4.1

sys-devel/libtool:   2.2.6b

virtual/os-headers:  2.6.30-r1

ACCEPT_KEYWORDS="amd64"

ACCEPT_LICENSE="* -@EULA dlj-1.1"

CBUILD="x86_64-pc-linux-gnu"

CFLAGS="-O2 -march=core2 -pipe -mno-tls-direct-seg-refs"

CHOST="x86_64-pc-linux-gnu"

CONFIG_PROTECT="/etc /usr/share/X11/xkb"

CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/splash /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"

CXXFLAGS="-O2 -march=core2 -pipe -mno-tls-direct-seg-refs"

DISTDIR="/usr/portage/distfiles"

FEATURES="assume-digests ccache distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch"

GENTOO_MIRRORS="http://distfiles.gentoo.org/ "

LDFLAGS="-Wl,-O1"

LINGUAS="en en_GB"

MAKEOPTS="-j3"

PKGDIR="/usr/portage/packages"

PORTAGE_CONFIGROOT="/"

PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"

PORTAGE_TMPDIR="/var/tmp"

PORTDIR="/usr/portage"

SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage"

USE="X a52 aac acl acpi alsa amd64 berkdb branding bzip2 cairo cdr cli consolekit cracklib crypt cups cxx dbus dri dts dvd dvdr emboss emerald encode exif fam firefox flac fortran fuse gdbm gif glitz gpm gtk hal iconv jpeg lcms libnotify lock mad mikmod mmx mng modules mp3 mp4 mpeg mudflap multilib ncurses nls nptl nptlonly ogg opengl openmp pam pango pcre pdf perl png ppds pppd python qt3support readline reflection sdl session smp spell spl sse sse2 sse3 ssl startup-notification svg sysfs tcpd threads thunar tiff truetype unicode usb vorbis x264 xcb xml xorg xulrunner xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_GB" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="intel" 

Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY

```

----------

