Slashdot Mirror

← Back to Stories (view on slashdot.org)

No Additional Firefox 4 Security Updates

Posted by samzenpus on from the you're-cut-off dept.

CWmike writes "Unnoticed in the Tuesday release of Firefox 5 was Mozilla's decision to retire Firefox 4, shipped just three months ago. Mozilla spelled out vulnerabilities it had patched in that edition and in 2010's Firefox 3.6, but it made no mention of any bugs fixed in Firefox 4 on Tuesday, because Firefox 4 has reached what Mozilla calls EOL, for 'end of life,' for patches. Although the move may have caught users by surprise, the decision to stop supporting Firefox 4 has been discussed within Mozilla for weeks. In a mozilla.dev.planning mailing list thread, Christian Legnitto, the Firefox release manager, put it most succinctly on May 25: 'Firefox 5 will be the security update for Firefox 4.' Problem is, users are being prompted to upgrade now but are hesitant because the new rapid release of updates means many add-ons are not compatible. And without security updates in between, many could be left exposed with unpatched browsers."

7 of 445 comments (clear)

  1. If they hadn't broken addons... by sethstorm · · Score: 5, Informative

    ...they would be fine.

    However, it looks like Mozilla failed to communicate it well enough, thinking their own notice was enough. The result is that Mozilla seems to take Microsoft's path for once - refusing to patch security issues on a relatively new release, and washing their hands clean with an EOL.

    --
    Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
  2. I don't get that by godrik · · Score: 5, Insightful

    Are they trying to kill their user base ?

    Anybody serious deploying system WILL NOT ship a mozilla product. Obsoleting a software 3 month after its release is ridiculous. You can't try to get market share and killa release in 3 month. If you don't plan to give any support, call that a development version!

    I am SO disappointed in them!

  3. Re:What the h. . . ? by Anonymous Coward · · Score: 5, Insightful

    Slashdot story

    No big news, except that the Mozilla Foundation has gone out of its mind. I think I'll stick with Firefox 3 until it reaches end of life, and then upgrade to Firefox 25.

  4. Re:BS Article by andymadigan · · Score: 5, Interesting

    As I remember, the Mozilla Add-ons site does not allow plugins to be posted if they have a maxVersion that hasn't been released yet (that's the gist of it anyway).

    You might be able to post an add-on with a maxVersion of 4.1alpha or something, but it would break on 4.1 final. Of course, there's no way to quickly re-enable the add-on, because Mozilla thinks you can't be trusted to run your own browser, an interesting concept coming from open source software.

    --
    The right to protest the State is more sacred than the State.
  5. Google Funds Most of Firefox Development... by Ron+Bennett · · Score: 5, Interesting

    Mozilla Corporation gets most of its funds from Google. Something to keep in mind in regards to the future of Firefox...

    My gut says, barring some significant change in funding / lead developers, that Firefox's future is bleak - what's happening now feels to me so much like what happened back when Netscape jumped the shark with their bloated Communicator suite. People bailed in droves.

    The ideal situation would be for a group of developers to fork Firefox 3.6.x, throw in some of the improvements from 4, and run with it. Many would be greatly appreciative, and likely support it in both time and donations; don't make the same mistake as Mozilla Foundation has in regards to relying too much on any one major donor.

  6. Who is This Helping? by swsuehr · · Score: 5, Insightful

    Who, exactly, is the rapid release schedule helping? It's certainly not helping web developers and organizations who try to list their supported browser versions and actually try to code towards those versions. The quickest path to get the corporate PHBs to stop supporting your browser is to have the IT staff say "Guess what, the next version of Firefox is already out so we need to make updates." At some places, support for browsers other than IE is tenuous at best, so making it more difficult to support these browsers only hurts the browser manufacturers.

    Want to gain more support? Release a stable product, with wide support for standards and add-ons, and do so on a sane, well-publicized schedule. People don't care about version numbers; updating software isn't something people want or like to do. Why are you making it more difficult and cumbersome for users to use your product?

  7. Dear Mozilla by m0s3m8n · · Score: 5, Insightful

    Dear Mozilla: Pull your head out of Chrome's ass.

    --
    Conservative, mod down for violating /. political norms.