Firefox 3.6 Support Ends April 2012 187
An anonymous reader writes "Mozilla for some time after switching to the rapid release process talked about releasing Extended Support Releases that would give companies and organizations some breathing space in the race to test and deploy new browser versions. With the first ESR release (which will be Firefox 10), comes the Firefox 3.6 end of life announcement. Firefox 3.6 users will receive update notifications in April to update the browser to the latest stable version by then."
rapid-release (Score:2, Informative)
Re:rapid-release (Score:3, Informative)
They're releasing less versions now then they did during 3.x if you look at the total quantity of updates rather then the version number.
And PowerPC? (Score:2, Informative)
Does this mean FF 10 will support PowerPC?
(probably not)
One less supported browser for my old PPC boxes...
Re:Group Policy (Score:4, Informative)
Right because it was so hard to script out the installer, and copy pre-crafted config file to the right place Actually if anything that ties corporate users more to a specific version because they have to actually invest some time into building their own deployment package which is certain to be somewhat version dependent.
If you IT staff can't "deploy" Firefox they are worthless. I can completely understand them not wanting to chase the latest version, preferring to just replace the executable installer package with one that just has the security fixes in it but none of the new math. So all their pre-rolled configs and installation scripts don't have to change.
Attorneys can't update. (Score:4, Informative)
Sigh. As one of the Righthaven tools[1] found out the hard way ... the CM/ECF system used by all Federal District Courts has been tested to work with FF 3.5; from extensive personal experience it also works fine with FF 3.6. It does not work at all with FF 4.0+ (in that you can't use FF to upload PDFs, which is all you'd use the Electronic Case Filing system for (document retrieval is done through PACER, though they overlap).
For some stupid reason, ECF specifies an ACCEPT parameter of “image/*” for the PDF upload forms, which of course is incorrect (PDFs are MIME type “application/pdf” per IANA [iana.org]; see also, e.g., RFC 3778 [rfc-editor.org]).
As of FF 4.0 (https://developer.mozilla.org/en/HTML/Element/input [mozilla.org]), that 'accept' parameter is honored and FF filters the file selector box to only permit image filetypes to be uploaded. End result? #massivefail
Yes, ECF is broken. But try getting not one, but 89, Federal bureaucracies to fix their tech in a timely fashion... (Each district court runs its own ECF system.)
Sigh.
[1] Declaration of Shawn A. Mangano, Esq., Righthaven LLC v. Democratic Underground, LLC, No. 10-cv-01356-RLH-GWF, docket entry 127-1 (Dist. Of Nevada, June 29, 2011)
Re:Group Policy (Score:2, Informative)
FrontMotion offers a customized version of Firefox (FrontMotion Firefox Community Edition) that supports lockdown via Group Policy. My company has been using it for years, and it meets our needs perfectly.
Re:Group Policy (Score:5, Informative)
Fine, script the installer.
Now update the home screen, and add new bookmarks to already deployed installs.
That's where GPO carries on and your solution ends.
Byob and Wpkg (Score:5, Informative)
They just relaunched Build your own browser, (byob.mozilla.com), which should help customize the settings. (I haven't tried it yet as we customized it manually)
We deploy with WPKG and find it works quite well. Not all companies use the MSI deployment tools...
Re:System requirements (Score:5, Informative)
I believe the 3.6 requirements just hadn't been updated in a few years and were more or less totally bogus. When 4 shipped, the requirements were updated to reflect reality.
Re:Group Policy (Score:5, Informative)
Firefox has to run as admin to update
True for now [mozilla.org].
It doesn't have low rights mode like chrome and IE
True.
Its crazy release schedule means zero testing before deployment
Well, other than the six weeks it's in "Beta" (i.e. release candidate) where the intent is to make no changes, and the six weeks it's in "Aurora" (i.e. beta), where only bug fixes are made. And the extra twelve weeks it's in certify/deploy state in the ESR proposal. But other than that.
extensions were breaking everywhere
Extensions rarely break with the new "major releases are now minor releases" model. As of Fx10, it will even stop claiming they're broken [mozilla.org] too.
and the final straw was that XSS bug that allowed malware writers to spam yahoo mail accounts from FF ... With low rights mode its damned near impossible to pull crap like that
OK, I'm not sure which bug you're referring to, but generally running the browser in a low-rights mode doesn't prevent XSS bugs, because XSS bugs happen inside the browser itself.
that requires admin rights to install
Wait, install? You said "update" earlier. But OK... I believe it installs fine as a non-admin user if you opt to install it to a directory the user has write permission to, which is what Chrome does by default. Firefox Portable certainly works fine as a non-admin user (updates included!), and that's just a wrapper around a vanilla Firefox.
and isn't easy at all to set up GPOs that can't be trivially bypassed by the user
True, as far as I know. Though if you're allowing the browser to be installed without admin rights, the user could presumably just overwrite it with a version that doesn't obey GPOs, so either this applies to Chrome too or you in fact don't actually want non-admin users to be able to install the browser.
I dislike the new release schedule as much as the next guy, but I'd prefer it if you disliked it for reasons that were true, or at least not getting fixed before 3.6's EoL.