Firefox critical update not updating my latest fedora-30

[m...@militant.dk]

Hi everyone,

I am seeming to miss the latest firefox critical security updates(https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/) in my fedora-30 template due to slower updating of fedora 30:

[user@fedora-30 ~]$ sudo dnf clean all
114 files removed
[user@fedora-30 ~]$ sudo dnf update
Adobe Systems Incorporated                      1.2 kB/s | 2.0 kB     00:01   
Dropbox Repository                              2.2 kB/s | 2.4 kB     00:01   
Fedora Modular 30 - x86_64 - Updates            1.1 MB/s | 4.0 MB     00:03   
Fedora 30 - x86_64 - Test Updates               2.9 MB/s | 8.2 MB     00:02   
Fedora 30 - x86_64 - Updates                    4.8 MB/s |  23 MB     00:04   
Fedora 30 - x86_64                              6.6 MB/s |  70 MB     00:10   
google-chrome-unstable                          4.4 kB/s | 3.5 kB     00:00   
google-chrome - x86_64                          6.1 kB/s | 3.5 kB     00:00   
Qubes OS Repository for VM (updates)            163 kB/s | 189 kB     00:01   
Qubes OS Repository for VM (updates-testing)    235 kB/s | 263 kB     00:01   
Qubes OS Repository for VM (security-testing)    85 kB/s |  91 kB     00:01   
Qubes OS Repository for VM (unstable)           489  B/s | 520  B     00:01   
RPM Fusion for Fedora 30 - Free - Updates       295 kB/s | 405 kB     00:01   
RPM Fusion for Fedora 30 - Free                 436 kB/s | 735 kB     00:01   
RPM Fusion for Fedora 30 - Nonfree - Updates     65 kB/s |  80 kB     00:01   
RPM Fusion for Fedora 30 - Nonfree              214 kB/s | 227 kB     00:01   
skype (stable)                                  4.8 kB/s | 4.0 kB     00:00   
Dependencies resolved.
Nothing to do.
Complete!
[user@fedora-30 ~]$ firefox -v
Mozilla Firefox 71.0

https://apps.fedoraproject.org/packages/firefox shows it is not released yet to fedora-30, even though it is currently exploited in the wild and released for 31 and 32 .

I could also not update the package using (also tried with clean all):

[user@fedora-30 ~]$ sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-2713adc57f
Last metadata expiration check: 0:56:23 ago on Sat 11 Jan 2020 08:56:44 PM CET.
No security updates needed, but 0 updates available
Dependencies resolved.
Nothing to do.
Complete!
[user@fedora-30 ~]$

What have other Qubes users done? Installed mozillas own version and just check for updates on startup, or creating own newer fedora templates or see this issue as an extremely rare instance you wont need to worry about?

Sincerely

Max

[Lorenzo Lamas]

You can update from testing repo: sudo dnf update firefox —enablerepo=updates-testing

When newer fedora versions are released, updates for older versions are usually slower. The comments on the update also show negative feedback which is why it has not been pushed to stable automatically. However, there are no problems if your system is up to date with latest stable nss and nspr.

[Max Andersen]

On 1/11/20 11:25 PM, Lorenzo Lamas wrote:

You can update from testing repo: sudo dnf update firefox —enablerepo=updates-testing

When newer fedora versions are released, updates for older versions are usually slower. The comments on the update also show negative feedback which is why it has not been pushed to stable automatically. However, there are no problems if your system is up to date with latest stable nss and nspr.

Instead of asking for the repository, I used the advisory. That usually works, but actually didn't because of me, having an entry in my repo file, to ensure I always get the newest KeePassXC from testing repo, if it exists. It apparently denies everything else, so I need to include it in the file.

includepkgs=keepassxc. I had to add firefox in this case.

Sincerely

Max