On Tue, 13 Jul 2021 19:09:13 +0000, John Smith wrote:
> Thanks. Yes, that's my experience as well. The thing is, some web
> sites already refusing to work with the version of Firefox in 14.2. I
> can use chromium, but I am just concerned that other packages in 14.2
> are quickly becoming obsolete as we speak. And with no ETA for 15.0...
I don't think that 14.2 has been abandoned even though the firefox
version is now obsolete. Slackware 14.0 is still being supported (last
update the same httpd package from 7/6 2021) but its Firefox version has
not been updated since version 17.0.11esr year 2013.
The reason that Firefox stops getting updated on a still supported
version of Slackware is probably that newer versions of Firefox no longer
compiles on that version of Slackware.
For Slackware 14.2 Firefox has not been updated since version 68.12.0esr
in August 2020. This probably means that we will get no more updates of
Firefox for 14.2 even though 14.2 will continue to be supported with
other security patches.
Months before a Slackware version is abandoned there will be a notice of
End Of Life in the ChangeLog.txt. This is what that notice looked like
for Slackware 13.37 which was the last version of Slackware to get
abandoned:
+--------------------------+
Fri Apr 6 20:47:43 UTC 2018
####################################################################
# NOTICE OF INPENDING EOL (END OF LIFE) FOR OLD SLACKWARE VERSIONS #
# #
# Effective July 5, 2018, security patches will no longer be #
# provided for the following versions of Slackware (which will all #
# be more than 7 years old at that time): #
# Slackware 13.0, Slackware 13.1, Slackware 13.37. #
# If you are still running these versions you should consider #
# migrating to a newer version (preferably as recent as possible). #
# Alternately, you may make arrangements to handle your own #
# security patches. #
####################################################################
And the last security patch for Slackware 13.37 was from June 19 2018:
+--------------------------+
Tue Jun 19 22:35:25 UTC 2018
patches/packages/gnupg-1.4.23-i486-1_slack13.37.txz: Upgraded.
Sanitize the diagnostic output of the original file name in verbose
mode.
By using a made up file name in the message it was possible to fake
status
messages. Using this technique it was for example possible to fake the
verification status of a signed mail.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
(* Security fix *)
+--------------------------+
regards Henrik