Mozilla Firefox, Firefox Browser, or simply Firefox, is a free and open–source (src: Wikipedia) web browser developed by the Mozilla Foundation and its subsidiary, Mozilla Corporation.
even when mozilla is (financially) having a tough time, security should be everyone’s top priority.
security wise things spin faster and faster and especially flaws in a lot of used software such as browsers is especially problematic, hence it is important to provide timely updates.
Currently firefox-esr is not receiving the latest updates, so they can also not be availble through the default Debian 9 Strech apt respositories (Debian is not to blame).
Firefox-ESR less safe than latest version?
“Firefox ESR is not ideal for most personal users. … Patches that are classified as moderate or low are not added to the Firefox ESR because you are not receiving all updates when using theFirefox ESR, it may be less secure than the release version.”
“Over time the ESR will be less secure than the regular release of Firefox, as new functionality will not be added at the same pace as Firefox, and only high-risk/impact security patches will be backported. It is important that organizations deploying this software understand and accept this.”
and it seems the security problems announced here, where fixed in firefox 70 and esr 68.2
So firefox-esr is meant for companies/schools etc. that rely on a tested (not often changing) version of firefox, to be used with their custom build applications to reduce the testing hazzle (with every new version all functionality of a web based software ought to be tested).
how to manually install firefox 71:
currently latest version
1) BACKUP YOUR BOOKMARKS (has export functionality build in) WRITE DOWN SAVED PASSWORDS!
(they will get lost during the update process, because Mozilla changed the profile layout from version 68.2 to 71)
also cool ad blocking addons such as ublock, will have to be reinstalled afterwards.
2) download latest version for your system and language: https://www.mozilla.org/de/firefox/new/
as of the time of this article, the latest version is: https://download-installer.cdn.mozilla.net/pub/firefox/releases/71.0/linux-x86_64/de/firefox-71.0.tar.bz2
or if one wants the very very latest beta: https://www.mozilla.org/en-US/firefox/all/#product-desktop-beta
safe it to one’s software repo for example /software/firefox/
3) hit the command line and become root:
# tested with hostnamectl Icon name: computer-desktop Chassis: desktop Operating System: Debian GNU/Linux 9 (stretch) Kernel: Linux 4.9.0-11-amd64 Architecture: x86-64 apt-mark hold firefox-esr; # disable apt updates for firefox which firefox; # where is the binary /usr/bin/firefox # is just a script that points to /usr/bin/firefox-esr # and this is again just a link to: /usr/lib/firefox-esr/firefox-esr # backup currention installation tar fcvz /software/firefox/firefox-esr.backup.tar.gz /usr/lib/firefox-esr/ rm -rf /usr/lib/firefox-esr/; # remove current installation cp /software/firefox/firefox-71.0.tar.bz2 /usr/lib/ cd /usr/lib/; tar fxv firefox-71.0.tar.bz2; # unpack # this will create a new folder called "firefox" # link to the folder ln -sv firefox firefox-esr # need to create one more softlink cd firefox-esr; ln -sv firefox-bin firefox-esr # change permissions so updates of firefox via firefox # can be installed as non-root user chown -R user:user /usr/lib/firefox* # done! # become non-root (Ctrl+D) # one now should be able to start firefox by typing firefox
one should now have the latest verions installed and integrated into Debian.
further updates can be downloaded and installed as non-root via: Help -> About firefox
how should it be:
there should be firefox and firefox-esr (extended support release) versions in in all default apt repositories, so people can apt install firefox or apt install firefox-esr and stay up to date with apt.
Google used to ignore JS loaded/included content.
where are the packages?
# show repository that package firefox-esr was installed from apt-cache policy firefox-esr firefox-esr: Installiert: 68.2.0esr-1~deb9u2 Installationskandidat: 68.2.0esr-1~deb9u2 Versionstabelle: *** 68.2.0esr-1~deb9u2 500 500 http://security.debian.org/debian-security stretch/updates/main amd64 Packages 100 /var/lib/dpkg/status 60.7.1esr-1~deb9u1 500 500 http://ftp.halifax.rwth-aachen.de/debian stretch/main amd64 Packages 60.6.3esr-1~deb9u1 500 500 http://ftp.halifax.rwth-aachen.de/debian stretch-updates/main amd64 Packages
the people behind Mozilla Firefox: https://www.mozilla.org/en-US/about/leadership/