Magazine Informatica

Aggiornamenti di sicurezza importanti per Ubuntu 11.10 Oneiric Ocelot: Utility, Unity e Firefox.

Creato il 02 dicembre 2011 da Hugor @msdiaz61
Aggiornamenti di sicurezza importanti per Ubuntu 11.10 Oneiric Ocelot: Utility,  Unity e Firefox.Sappiamo tutti quanto sia importante mantenere aggiornato il proprio sistema operativo, ma è parimenti esperienza comune che spesso siano proprio gli aggiornamenti a introdurre nuovi bug. Ubuntu segue delle linee guida ben precise per gestire questa situazione.
La chiave di volta dell’intero discorso è che, una volta rilasciata la release, gli aggiornamenti non si fanno affatto, a meno che non riguardino vulnerabilità di sicurezza o bug particolarmente significativi.
Addirittura, nell’ottica di stabilizzare la release, già durante le ultime fasi di sviluppo l’ingresso di nuovi pacchetti dei vari software è sottoposto ad un controllo particolarmente rigido (una fase nota agli sviluppatori come “Feature Freeze”, appunto).
Gli aggiornamenti proposti a continuazione fanno parte del bollettino di sicurezza settimanale rilasciato da Canonical e riguardano in particolare:
  • Save and easy web browser from Mozilla.
  • Unity appmenu integration for Firefox.
  • Utility for browsing, installing and removing software.

Save and easy web browser from Mozilla.
 Modifiche per le versioni:
Versione installata: 7.0.1+build1+nobinonly-0ubuntu2
Versione disponibile: 8.0+build1-0ubuntu0.11.10.3
Versione 8.0+build1-0ubuntu0.11.10.3:
  * New upstream release from the stable channel (FIREFOX_8_0_BUILD1)
   - see LP: #887339 for USN information
  [ Chris Coulson ]
  * Don't disable our bundled addons on upgrade
   - update debian/vendor.js
  * Modify the UA string to add "Ubuntu" to the platform component
   - add debian/patches/ubuntu-ua-string-changes.patch
   - update debian/patches/series
   - update debian/rules
  * Move custom scripts to debian/build
   - move debian/get-xpi-id.py to debian/build/get-xpi-id.py
   - move debian/refresh-supported-locales.pl to
   debian/build/refresh-supported-locales.pl
   - move debian/extract-file.py to debian/build/extract-file.py
   - update debian/rules
   - move debian/testsuite.mk to debian/build/testsuite.mk
  * Dropped patches fixed upstream:
   - remove debian/patches/build-fix-for-no-ENABLE_YARR_JIT.patch
   - remove debian/patches/compile-pldhash-as-C++.patch
   - update debian/patches/series
  * Refresh patches:
   - update debian/patches/firefox-kde.patch
   - update debian/patches/mozilla-kde.patch
   - update debian/patches/ubuntu-codes-google.patch
  * Shrink the default mozconfig right down so that we use mostly upstream
   defaults, rather than overriding them with our own options. It is still
   possible to override them though. We also drop the pkg-config checks in
   debian/rules which allowed a fallback build configuration when dependencies
   aren't satisfied. Really, the build should just fail here rather than
   continuing in some undesirable fallback mode
   - update debian/firefox-dev.install.in
   - update debian/firefox-dev.links.in
   - update debian/mozconfig.in
   - update debian/pkgconfig/libxul.pc.in
   - update debian/control.in
   - update debian/rules
  * Refresh build-depends, as this hasn't been done for a while:
   - Drop patchutils, libxft-dev, libxinerama-dev, libgnome2-dev and bzip2.
   These aren't needed
   - Drop liborbit2-dev - only required if there is no libidl
   - Add libglib2.0-dev, libext-dev, libfontconfig1-dev and libpango1.0-dev,
   as the configure script checks for these directly
   - Add minimum versions to libgconf2-dev, libgnomevfs2-dev, yasm and
   libgnomeui-dev
   - Specify minimum versions for libnspr4-dev, libcairo2-dev, libsqlite3-dev
   and libnss3-dev when using system versions of those libs
  * Introduce a branch config file (debian/config/branch.mk) which holds
   settings which shouldn't be merged between branches (eg, whether
   the crash reporter should be enabled)
   - add debian/config/branch.mk
   - update debian/rules
  * Move debian/locales.* to debian/config
   - move debian/locales.shipped => debian/config/locales.shipped
   - move debian/locales.unavail => debian/config/locales.unavail
   - move debian/locales.blacklist => debian/config/locales.blacklist
   - update debian/rules
   - update debian/build/refresh-supported-locales.pl
  * Don't open about:blank from the New Window quicklist entry
   - update debian/firefox.desktop.in
  * Touch debian/control.in during clean to force a refresh of debian/control,
   so we can check if it is out-of-date and fail if it is
   - update debian/rules
  * Drop the mozilla-devscripts dependency. We were only using this for creating
   tarballs anyway. Instead, implement our own get-orig-source target, which
   also fixes some problems we were having
   - update debian/control.in
   - remove debian/moz-rev.sh
   - update debian/rules
   - remove debian/mozclient/firefox.mk
   - remove debian/mozclient/firefox.conf
   - update debian/config/branch.mk
   - add debian/build/create-source
   - add debian/build/get-orig-source.mk
  * Lots of workflow improvements for dealing with language packs:
   - update debian/rules
   - add debian/build/extract-file.py
   - add debian/build/dump-langpack-control-entries.pl
   - update debian/build/refresh-supported-locales.pl
   - add debian/config/locales.all
   - update debian/config/locales.shipped
   - remove debian/config/locales.unavailable
   - update debian/control
   - update debian/build/create-tarball.py
  * Fix LP: #887435 - Backport patch from aurora to correctly handle EOF in
   js::TokenStream::getAtSourceMappingURL on platforms with unsigned chars
   - add debian/patches/correctly-handle-EOF.patch
   - update debian/patches/series
  * Turn off the one-time addon selection dialog (LP: #888307)
   - update debian/vendor.js
  [ Brian Murray ]
  * Fix LP: #758111 - update ubuntulinux.org bookmark - thanks to Jonathan
   Rothwell for the patch
Firefox delivers safe, easy web browsing. A familiar user interface, enhanced security features including protection from online identity theft, and integrated search let you get the most out of the web.
Modifiche per le versioni:
Versione installata: 7.0.1+build1+nobinonly-0ubuntu2
Versione disponibile: 8.0+build1-0ubuntu0.11.10.3
Versione 8.0+build1-0ubuntu0.11.10.3:
  * New upstream release from the stable channel (FIREFOX_8_0_BUILD1)
   - see LP: #887339 for USN information
  [ Chris Coulson ]
  * Don't disable our bundled addons on upgrade
   - update debian/vendor.js
  * Modify the UA string to add "Ubuntu" to the platform component
   - add debian/patches/ubuntu-ua-string-changes.patch
   - update debian/patches/series
   - update debian/rules
  * Move custom scripts to debian/build
   - move debian/get-xpi-id.py to debian/build/get-xpi-id.py
   - move debian/refresh-supported-locales.pl to
   debian/build/refresh-supported-locales.pl
   - move debian/extract-file.py to debian/build/extract-file.py
   - update debian/rules
   - move debian/testsuite.mk to debian/build/testsuite.mk
  * Dropped patches fixed upstream:
   - remove debian/patches/build-fix-for-no-ENABLE_YARR_JIT.patch
   - remove debian/patches/compile-pldhash-as-C++.patch
   - update debian/patches/series
  * Refresh patches:
   - update debian/patches/firefox-kde.patch
   - update debian/patches/mozilla-kde.patch
   - update debian/patches/ubuntu-codes-google.patch
  * Shrink the default mozconfig right down so that we use mostly upstream
   defaults, rather than overriding them with our own options. It is still
   possible to override them though. We also drop the pkg-config checks in
   debian/rules which allowed a fallback build configuration when dependencies
   aren't satisfied. Really, the build should just fail here rather than
   continuing in some undesirable fallback mode
   - update debian/firefox-dev.install.in
   - update debian/firefox-dev.links.in
   - update debian/mozconfig.in
   - update debian/pkgconfig/libxul.pc.in
   - update debian/control.in
   - update debian/rules
  * Refresh build-depends, as this hasn't been done for a while:
   - Drop patchutils, libxft-dev, libxinerama-dev, libgnome2-dev and bzip2.
   These aren't needed
   - Drop liborbit2-dev - only required if there is no libidl
   - Add libglib2.0-dev, libext-dev, libfontconfig1-dev and libpango1.0-dev,
   as the configure script checks for these directly
   - Add minimum versions to libgconf2-dev, libgnomevfs2-dev, yasm and
   libgnomeui-dev
   - Specify minimum versions for libnspr4-dev, libcairo2-dev, libsqlite3-dev
   and libnss3-dev when using system versions of those libs
  * Introduce a branch config file (debian/config/branch.mk) which holds
   settings which shouldn't be merged between branches (eg, whether
   the crash reporter should be enabled)
   - add debian/config/branch.mk
   - update debian/rules
  * Move debian/locales.* to debian/config
   - move debian/locales.shipped => debian/config/locales.shipped
   - move debian/locales.unavail => debian/config/locales.unavail
   - move debian/locales.blacklist => debian/config/locales.blacklist
   - update debian/rules
   - update debian/build/refresh-supported-locales.pl
  * Don't open about:blank from the New Window quicklist entry
   - update debian/firefox.desktop.in
  * Touch debian/control.in during clean to force a refresh of debian/control,
   so we can check if it is out-of-date and fail if it is
   - update debian/rules
  * Drop the mozilla-devscripts dependency. We were only using this for creating
   tarballs anyway. Instead, implement our own get-orig-source target, which
   also fixes some problems we were having
   - update debian/control.in
   - remove debian/moz-rev.sh
   - update debian/rules
   - remove debian/mozclient/firefox.mk
   - remove debian/mozclient/firefox.conf
   - update debian/config/branch.mk
   - add debian/build/create-source
   - add debian/build/get-orig-source.mk
  * Lots of workflow improvements for dealing with language packs:
   - update debian/rules
   - add debian/build/extract-file.py
   - add debian/build/dump-langpack-control-entries.pl
   - update debian/build/refresh-supported-locales.pl
   - add debian/config/locales.all
   - update debian/config/locales.shipped
   - remove debian/config/locales.unavailable
   - update debian/control
   - update debian/build/create-tarball.py
  * Fix LP: #887435 - Backport patch from aurora to correctly handle EOF in
   js::TokenStream::getAtSourceMappingURL on platforms with unsigned chars
   - add debian/patches/correctly-handle-EOF.patch
   - update debian/patches/series
  * Turn off the one-time addon selection dialog (LP: #888307)
   - update debian/vendor.js
  [ Brian Murray ]
  * Fix LP: #758111 - update ubuntulinux.org bookmark - thanks to Jonathan
   Rothwell for the patch
Unity appmenu integration for Firefox.
Aggiornamenti di sicurezza importanti per Ubuntu 11.10 Oneiric Ocelot: Utility,  Unity e Firefox.
Modifiche per le versioni:
Versione installata: 7.0.1+build1+nobinonly-0ubuntu2
Versione disponibile: 8.0+build1-0ubuntu0.11.10.3
Versione 8.0+build1-0ubuntu0.11.10.3:
  * New upstream release from the stable channel (FIREFOX_8_0_BUILD1)
   - see LP: #887339 for USN information
  [ Chris Coulson ]
  * Don't disable our bundled addons on upgrade
   - update debian/vendor.js
  * Modify the UA string to add "Ubuntu" to the platform component
   - add debian/patches/ubuntu-ua-string-changes.patch
   - update debian/patches/series
   - update debian/rules
  * Move custom scripts to debian/build
   - move debian/get-xpi-id.py to debian/build/get-xpi-id.py
   - move debian/refresh-supported-locales.pl to
   debian/build/refresh-supported-locales.pl
   - move debian/extract-file.py to debian/build/extract-file.py
   - update debian/rules
   - move debian/testsuite.mk to debian/build/testsuite.mk
  * Dropped patches fixed upstream:
   - remove debian/patches/build-fix-for-no-ENABLE_YARR_JIT.patch
   - remove debian/patches/compile-pldhash-as-C++.patch
   - update debian/patches/series
  * Refresh patches:
   - update debian/patches/firefox-kde.patch
   - update debian/patches/mozilla-kde.patch
   - update debian/patches/ubuntu-codes-google.patch
  * Shrink the default mozconfig right down so that we use mostly upstream
   defaults, rather than overriding them with our own options. It is still
   possible to override them though. We also drop the pkg-config checks in
   debian/rules which allowed a fallback build configuration when dependencies
   aren't satisfied. Really, the build should just fail here rather than
   continuing in some undesirable fallback mode
   - update debian/firefox-dev.install.in
   - update debian/firefox-dev.links.in
   - update debian/mozconfig.in
   - update debian/pkgconfig/libxul.pc.in
   - update debian/control.in
   - update debian/rules
  * Refresh build-depends, as this hasn't been done for a while:
   - Drop patchutils, libxft-dev, libxinerama-dev, libgnome2-dev and bzip2.
   These aren't needed
   - Drop liborbit2-dev - only required if there is no libidl
   - Add libglib2.0-dev, libext-dev, libfontconfig1-dev and libpango1.0-dev,
   as the configure script checks for these directly
   - Add minimum versions to libgconf2-dev, libgnomevfs2-dev, yasm and
   libgnomeui-dev
   - Specify minimum versions for libnspr4-dev, libcairo2-dev, libsqlite3-dev
   and libnss3-dev when using system versions of those libs
  * Introduce a branch config file (debian/config/branch.mk) which holds
   settings which shouldn't be merged between branches (eg, whether
   the crash reporter should be enabled)
   - add debian/config/branch.mk
   - update debian/rules
  * Move debian/locales.* to debian/config
   - move debian/locales.shipped => debian/config/locales.shipped
   - move debian/locales.unavail => debian/config/locales.unavail
   - move debian/locales.blacklist => debian/config/locales.blacklist
   - update debian/rules
   - update debian/build/refresh-supported-locales.pl
  * Don't open about:blank from the New Window quicklist entry
   - update debian/firefox.desktop.in
  * Touch debian/control.in during clean to force a refresh of debian/control,
   so we can check if it is out-of-date and fail if it is
   - update debian/rules
  * Drop the mozilla-devscripts dependency. We were only using this for creating
   tarballs anyway. Instead, implement our own get-orig-source target, which
   also fixes some problems we were having
   - update debian/control.in
   - remove debian/moz-rev.sh
   - update debian/rules
   - remove debian/mozclient/firefox.mk
   - remove debian/mozclient/firefox.conf
   - update debian/config/branch.mk
   - add debian/build/create-source
   - add debian/build/get-orig-source.mk
  * Lots of workflow improvements for dealing with language packs:
   - update debian/rules
   - add debian/build/extract-file.py
   - add debian/build/dump-langpack-control-entries.pl
   - update debian/build/refresh-supported-locales.pl
   - add debian/config/locales.all
   - update debian/config/locales.shipped
   - remove debian/config/locales.unavailable
   - update debian/control
   - update debian/build/create-tarball.py
  * Fix LP: #887435 - Backport patch from aurora to correctly handle EOF in
   js::TokenStream::getAtSourceMappingURL on platforms with unsigned chars
   - add debian/patches/correctly-handle-EOF.patch
   - update debian/patches/series
  * Turn off the one-time addon selection dialog (LP: #888307)
   - update debian/vendor.js
  [ Brian Murray ]
  * Fix LP: #758111 - update ubuntulinux.org bookmark - thanks to Jonathan
   Rothwell for the patch
This package provides an extension which adds support for the Unity appmenu to Firefox


Utility for browsing, installing and removing software.
Aggiornamenti di sicurezza importanti per Ubuntu 11.10 Oneiric Ocelot: Utility,  Unity e Firefox.
 Modifiche per le versioni:
Versione installata: 5.0.2
Versione disponibile: 5.0.2ubuntu0.1
Versione 5.0.2ubuntu0.1:
  * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #874242)
   - softwarecenter/ui/gtk3/views/purchaseview.py: Set the ssl-ca-file
   libsoup property so ssl cert validation works.
   - CVE-2011-3150
Ubuntu Software Center lets you browse and install thousands of free and paid applications available for Ubuntu. You can view available software by category, or search quickly by name or description. You can also examine the software already installed, and remove items you no longer need.
To install or remove software using USC, you need administrator access on the computer.
 



GoogleRicerca personalizzata

Se ti è piaciuto l'articolo , iscriviti al feed cliccando sull'immagine sottostante per tenerti sempre aggiornato sui nuovi contenuti del blog:Aggiornamenti di sicurezza importanti per Ubuntu 11.10 Oneiric Ocelot: Utility,  Unity e Firefox.

Potrebbero interessarti anche :

Ritornare alla prima pagina di Logo Paperblog

Possono interessarti anche questi articoli :