post h1 Aggiornamenti di sicurezza importanti per Ubuntu 11.10 Oneiric Ocelot: Utility, Unity e Firefox. ~ Ubuntulandiapost h1

dicembre 02, 2011

Aggiornamenti di sicurezza importanti per Ubuntu 11.10 Oneiric Ocelot: Utility, Unity e Firefox.

| 2 Comments
Sappiamo tutti quanto sia importante mantenere aggiornato il proprio sistema operativo, ma è parimenti esperienza comune che spesso siano proprio gli aggiornamenti a introdurre nuovi bug. Ubuntu segue delle linee guida ben precise per gestire questa situazione.

La chiave di volta dell’intero discorso è che, una volta rilasciata la release, gli aggiornamenti non si fanno affatto, a meno che non riguardino vulnerabilità di sicurezza o bug particolarmente significativi.

Addirittura, nell’ottica di stabilizzare la release, già durante le ultime fasi di sviluppo l’ingresso di nuovi pacchetti dei vari software è sottoposto ad un controllo particolarmente rigido (una fase nota agli sviluppatori come “Feature Freeze”, appunto).

Gli aggiornamenti proposti a continuazione fanno parte del bollettino di sicurezza settimanale rilasciato da Canonical e riguardano in particolare:

  • Save and easy web browser from Mozilla.
  • Unity appmenu integration for Firefox.
  • Utility for browsing, installing and removing software.

Save and easy web browser from Mozilla.

 Modifiche per le versioni:
Versione installata: 7.0.1+build1+nobinonly-0ubuntu2
Versione disponibile: 8.0+build1-0ubuntu0.11.10.3

Versione 8.0+build1-0ubuntu0.11.10.3:

  * New upstream release from the stable channel (FIREFOX_8_0_BUILD1)
    - see LP: #887339 for USN information

  [ Chris Coulson ]
  * Don't disable our bundled addons on upgrade
    - update debian/vendor.js
  * Modify the UA string to add "Ubuntu" to the platform component
    - add debian/patches/ubuntu-ua-string-changes.patch
    - update debian/patches/series
    - update debian/rules
  * Move custom scripts to debian/build
    - move debian/get-xpi-id.py to debian/build/get-xpi-id.py
    - move debian/refresh-supported-locales.pl to
       debian/build/refresh-supported-locales.pl
    - move debian/extract-file.py to debian/build/extract-file.py
    - update debian/rules
    - move debian/testsuite.mk to debian/build/testsuite.mk
  * Dropped patches fixed upstream:
    - remove debian/patches/build-fix-for-no-ENABLE_YARR_JIT.patch
    - remove debian/patches/compile-pldhash-as-C++.patch
    - update debian/patches/series
  * Refresh patches:
    - update debian/patches/firefox-kde.patch
    - update debian/patches/mozilla-kde.patch
    - update debian/patches/ubuntu-codes-google.patch
  * Shrink the default mozconfig right down so that we use mostly upstream
    defaults, rather than overriding them with our own options. It is still
    possible to override them though. We also drop the pkg-config checks in
    debian/rules which allowed a fallback build configuration when dependencies
    aren't satisfied. Really, the build should just fail here rather than
    continuing in some undesirable fallback mode
    - update debian/firefox-dev.install.in
    - update debian/firefox-dev.links.in
    - update debian/mozconfig.in
    - update debian/pkgconfig/libxul.pc.in
    - update debian/control.in
    - update debian/rules
  * Refresh build-depends, as this hasn't been done for a while:
    - Drop patchutils, libxft-dev, libxinerama-dev, libgnome2-dev and bzip2.
      These aren't needed
    - Drop liborbit2-dev - only required if there is no libidl
    - Add libglib2.0-dev, libext-dev, libfontconfig1-dev and libpango1.0-dev,
      as the configure script checks for these directly
    - Add minimum versions to libgconf2-dev, libgnomevfs2-dev, yasm and
      libgnomeui-dev
    - Specify minimum versions for libnspr4-dev, libcairo2-dev, libsqlite3-dev
      and libnss3-dev when using system versions of those libs
  * Introduce a branch config file (debian/config/branch.mk) which holds
    settings which shouldn't be merged between branches (eg, whether
    the crash reporter should be enabled)
    - add debian/config/branch.mk
    - update debian/rules
  * Move debian/locales.* to debian/config
    - move debian/locales.shipped => debian/config/locales.shipped
    - move debian/locales.unavail => debian/config/locales.unavail
    - move debian/locales.blacklist => debian/config/locales.blacklist
    - update debian/rules
    - update debian/build/refresh-supported-locales.pl
  * Don't open about:blank from the New Window quicklist entry
    - update debian/firefox.desktop.in
  * Touch debian/control.in during clean to force a refresh of debian/control,
    so we can check if it is out-of-date and fail if it is
    - update debian/rules
  * Drop the mozilla-devscripts dependency. We were only using this for creating
    tarballs anyway. Instead, implement our own get-orig-source target, which
    also fixes some problems we were having
    - update debian/control.in
    - remove debian/moz-rev.sh
    - update debian/rules
    - remove debian/mozclient/firefox.mk
    - remove debian/mozclient/firefox.conf
    - update debian/config/branch.mk
    - add debian/build/create-source
    - add debian/build/get-orig-source.mk
  * Lots of workflow improvements for dealing with language packs:
    - update debian/rules
    - add debian/build/extract-file.py
    - add debian/build/dump-langpack-control-entries.pl
    - update debian/build/refresh-supported-locales.pl
    - add debian/config/locales.all
    - update debian/config/locales.shipped
    - remove debian/config/locales.unavailable
    - update debian/control
    - update debian/build/create-tarball.py
  * Fix LP: #887435 - Backport patch from aurora to correctly handle EOF in
    js::TokenStream::getAtSourceMappingURL on platforms with unsigned chars
    - add debian/patches/correctly-handle-EOF.patch
    - update debian/patches/series
  * Turn off the one-time addon selection dialog (LP: #888307)
    - update debian/vendor.js

  [ Brian Murray ]
  * Fix LP: #758111 - update ubuntulinux.org bookmark - thanks to Jonathan
    Rothwell for the patch

Firefox delivers safe, easy web browsing. A familiar user interface, enhanced security features including protection from online identity theft, and integrated search let you get the most out of the web.


Modifiche per le versioni:
Versione installata: 7.0.1+build1+nobinonly-0ubuntu2
Versione disponibile: 8.0+build1-0ubuntu0.11.10.3

Versione 8.0+build1-0ubuntu0.11.10.3:

  * New upstream release from the stable channel (FIREFOX_8_0_BUILD1)
    - see LP: #887339 for USN information

  [ Chris Coulson ]
  * Don't disable our bundled addons on upgrade
    - update debian/vendor.js
  * Modify the UA string to add "Ubuntu" to the platform component
    - add debian/patches/ubuntu-ua-string-changes.patch
    - update debian/patches/series
    - update debian/rules
  * Move custom scripts to debian/build
    - move debian/get-xpi-id.py to debian/build/get-xpi-id.py
    - move debian/refresh-supported-locales.pl to
       debian/build/refresh-supported-locales.pl
    - move debian/extract-file.py to debian/build/extract-file.py
    - update debian/rules
    - move debian/testsuite.mk to debian/build/testsuite.mk
  * Dropped patches fixed upstream:
    - remove debian/patches/build-fix-for-no-ENABLE_YARR_JIT.patch
    - remove debian/patches/compile-pldhash-as-C++.patch
    - update debian/patches/series
  * Refresh patches:
    - update debian/patches/firefox-kde.patch
    - update debian/patches/mozilla-kde.patch
    - update debian/patches/ubuntu-codes-google.patch
  * Shrink the default mozconfig right down so that we use mostly upstream
    defaults, rather than overriding them with our own options. It is still
    possible to override them though. We also drop the pkg-config checks in
    debian/rules which allowed a fallback build configuration when dependencies
    aren't satisfied. Really, the build should just fail here rather than
    continuing in some undesirable fallback mode
    - update debian/firefox-dev.install.in
    - update debian/firefox-dev.links.in
    - update debian/mozconfig.in
    - update debian/pkgconfig/libxul.pc.in
    - update debian/control.in
    - update debian/rules
  * Refresh build-depends, as this hasn't been done for a while:
    - Drop patchutils, libxft-dev, libxinerama-dev, libgnome2-dev and bzip2.
      These aren't needed
    - Drop liborbit2-dev - only required if there is no libidl
    - Add libglib2.0-dev, libext-dev, libfontconfig1-dev and libpango1.0-dev,
      as the configure script checks for these directly
    - Add minimum versions to libgconf2-dev, libgnomevfs2-dev, yasm and
      libgnomeui-dev
    - Specify minimum versions for libnspr4-dev, libcairo2-dev, libsqlite3-dev
      and libnss3-dev when using system versions of those libs
  * Introduce a branch config file (debian/config/branch.mk) which holds
    settings which shouldn't be merged between branches (eg, whether
    the crash reporter should be enabled)
    - add debian/config/branch.mk
    - update debian/rules
  * Move debian/locales.* to debian/config
    - move debian/locales.shipped => debian/config/locales.shipped
    - move debian/locales.unavail => debian/config/locales.unavail
    - move debian/locales.blacklist => debian/config/locales.blacklist
    - update debian/rules
    - update debian/build/refresh-supported-locales.pl
  * Don't open about:blank from the New Window quicklist entry
    - update debian/firefox.desktop.in
  * Touch debian/control.in during clean to force a refresh of debian/control,
    so we can check if it is out-of-date and fail if it is
    - update debian/rules
  * Drop the mozilla-devscripts dependency. We were only using this for creating
    tarballs anyway. Instead, implement our own get-orig-source target, which
    also fixes some problems we were having
    - update debian/control.in
    - remove debian/moz-rev.sh
    - update debian/rules
    - remove debian/mozclient/firefox.mk
    - remove debian/mozclient/firefox.conf
    - update debian/config/branch.mk
    - add debian/build/create-source
    - add debian/build/get-orig-source.mk
  * Lots of workflow improvements for dealing with language packs:
    - update debian/rules
    - add debian/build/extract-file.py
    - add debian/build/dump-langpack-control-entries.pl
    - update debian/build/refresh-supported-locales.pl
    - add debian/config/locales.all
    - update debian/config/locales.shipped
    - remove debian/config/locales.unavailable
    - update debian/control
    - update debian/build/create-tarball.py
  * Fix LP: #887435 - Backport patch from aurora to correctly handle EOF in
    js::TokenStream::getAtSourceMappingURL on platforms with unsigned chars
    - add debian/patches/correctly-handle-EOF.patch
    - update debian/patches/series
  * Turn off the one-time addon selection dialog (LP: #888307)
    - update debian/vendor.js

  [ Brian Murray ]
  * Fix LP: #758111 - update ubuntulinux.org bookmark - thanks to Jonathan
    Rothwell for the patch


Unity appmenu integration for Firefox.

Modifiche per le versioni:
Versione installata: 7.0.1+build1+nobinonly-0ubuntu2
Versione disponibile: 8.0+build1-0ubuntu0.11.10.3

Versione 8.0+build1-0ubuntu0.11.10.3:

  * New upstream release from the stable channel (FIREFOX_8_0_BUILD1)
    - see LP: #887339 for USN information

  [ Chris Coulson ]
  * Don't disable our bundled addons on upgrade
    - update debian/vendor.js
  * Modify the UA string to add "Ubuntu" to the platform component
    - add debian/patches/ubuntu-ua-string-changes.patch
    - update debian/patches/series
    - update debian/rules
  * Move custom scripts to debian/build
    - move debian/get-xpi-id.py to debian/build/get-xpi-id.py
    - move debian/refresh-supported-locales.pl to
       debian/build/refresh-supported-locales.pl
    - move debian/extract-file.py to debian/build/extract-file.py
    - update debian/rules
    - move debian/testsuite.mk to debian/build/testsuite.mk
  * Dropped patches fixed upstream:
    - remove debian/patches/build-fix-for-no-ENABLE_YARR_JIT.patch
    - remove debian/patches/compile-pldhash-as-C++.patch
    - update debian/patches/series
  * Refresh patches:
    - update debian/patches/firefox-kde.patch
    - update debian/patches/mozilla-kde.patch
    - update debian/patches/ubuntu-codes-google.patch
  * Shrink the default mozconfig right down so that we use mostly upstream
    defaults, rather than overriding them with our own options. It is still
    possible to override them though. We also drop the pkg-config checks in
    debian/rules which allowed a fallback build configuration when dependencies
    aren't satisfied. Really, the build should just fail here rather than
    continuing in some undesirable fallback mode
    - update debian/firefox-dev.install.in
    - update debian/firefox-dev.links.in
    - update debian/mozconfig.in
    - update debian/pkgconfig/libxul.pc.in
    - update debian/control.in
    - update debian/rules
  * Refresh build-depends, as this hasn't been done for a while:
    - Drop patchutils, libxft-dev, libxinerama-dev, libgnome2-dev and bzip2.
      These aren't needed
    - Drop liborbit2-dev - only required if there is no libidl
    - Add libglib2.0-dev, libext-dev, libfontconfig1-dev and libpango1.0-dev,
      as the configure script checks for these directly
    - Add minimum versions to libgconf2-dev, libgnomevfs2-dev, yasm and
      libgnomeui-dev
    - Specify minimum versions for libnspr4-dev, libcairo2-dev, libsqlite3-dev
      and libnss3-dev when using system versions of those libs
  * Introduce a branch config file (debian/config/branch.mk) which holds
    settings which shouldn't be merged between branches (eg, whether
    the crash reporter should be enabled)
    - add debian/config/branch.mk
    - update debian/rules
  * Move debian/locales.* to debian/config
    - move debian/locales.shipped => debian/config/locales.shipped
    - move debian/locales.unavail => debian/config/locales.unavail
    - move debian/locales.blacklist => debian/config/locales.blacklist
    - update debian/rules
    - update debian/build/refresh-supported-locales.pl
  * Don't open about:blank from the New Window quicklist entry
    - update debian/firefox.desktop.in
  * Touch debian/control.in during clean to force a refresh of debian/control,
    so we can check if it is out-of-date and fail if it is
    - update debian/rules
  * Drop the mozilla-devscripts dependency. We were only using this for creating
    tarballs anyway. Instead, implement our own get-orig-source target, which
    also fixes some problems we were having
    - update debian/control.in
    - remove debian/moz-rev.sh
    - update debian/rules
    - remove debian/mozclient/firefox.mk
    - remove debian/mozclient/firefox.conf
    - update debian/config/branch.mk
    - add debian/build/create-source
    - add debian/build/get-orig-source.mk
  * Lots of workflow improvements for dealing with language packs:
    - update debian/rules
    - add debian/build/extract-file.py
    - add debian/build/dump-langpack-control-entries.pl
    - update debian/build/refresh-supported-locales.pl
    - add debian/config/locales.all
    - update debian/config/locales.shipped
    - remove debian/config/locales.unavailable
    - update debian/control
    - update debian/build/create-tarball.py
  * Fix LP: #887435 - Backport patch from aurora to correctly handle EOF in
    js::TokenStream::getAtSourceMappingURL on platforms with unsigned chars
    - add debian/patches/correctly-handle-EOF.patch
    - update debian/patches/series
  * Turn off the one-time addon selection dialog (LP: #888307)
    - update debian/vendor.js

  [ Brian Murray ]
  * Fix LP: #758111 - update ubuntulinux.org bookmark - thanks to Jonathan
    Rothwell for the patch

This package provides an extension which adds support for the Unity appmenu to Firefox



Utility for browsing, installing and removing software.


 Modifiche per le versioni:
Versione installata: 5.0.2
Versione disponibile: 5.0.2ubuntu0.1

Versione 5.0.2ubuntu0.1:

  * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #874242)
    - softwarecenter/ui/gtk3/views/purchaseview.py: Set the ssl-ca-file
      libsoup property so ssl cert validation works.
    - CVE-2011-3150


Ubuntu Software Center lets you browse and install thousands of free and paid applications available for Ubuntu. You can view available software by category, or search quickly by name or description. You can also examine the software already installed, and remove items you no longer need.

To install or remove software using USC, you need administrator access on the computer.


Ricerca personalizzata
Se ti è piaciuto l'articolo , iscriviti al feed cliccando sull'immagine sottostante per tenerti sempre aggiornato sui nuovi contenuti del blog:
, ,

2 commenti:

  1. Sono un po' stanco di Unity, ogni aggiornamento è un calvario, come posso installare Gnome 3?

    RispondiElimina
  2. Basta infatti digitare da terminale un semplice: “sudo apt-get install gnome-shell” (senza virgolette ovviamente) e poi, dopo aver scaricato i pacchetti necessari, riprovare a fare il login nel proprio utente selezionando Gnome 3 dalla piccola iconcina a forma di ingranaggio che si trova in alto a destra nella finestrella.
    Vedrai che le alternative sono tante, Gnome 3 con o senza le shell extensions, ecc
    Personalmente ho trovato che il pc con Gnome 3 con le shell extensions o con Mate va molto meglio che con Unity.

    RispondiElimina

Caricamento in corso...

Ultimi post pubblicati

Archivio

Ubuntulandia in Instagram

>center>

Post Più Popolari