[02:00] <oerheks> nor you have mint, tomreyn
[02:00] <oerheks> *hips*
[02:38] <lotuspsychje> good morning to all
[03:00] <hggdh> lotuspsychje: morn
[03:14] <lotuspsychje> heyy hggdh guiverc
[03:15] <guiverc> howdy lotuspsychje
[06:09] <ducasse> good morning
[11:28] <BluesKaj> Howdy all
[12:09] <pauljw> hi everyone
[12:10] <BluesKaj> 'Morning pauljw
[12:10] <pauljw> hey BluesKaj :)
[12:15] <BluesKaj> heatwave here, 90F/90% humidity
[12:41] <pauljw> same here, BluesKaj, thank goodness for a/c.
[12:45] <BluesKaj> yup, already turned it on, it's already 28C/83F /80% humidity
[12:45] <BluesKaj> outside
[12:47] <BluesKaj> we a near tornado yesterday over our little town, that was a scary experience...the clouds were dark green then the wind came up and rain was horizontal
[12:57] <pauljw> oooh, yeah, don't like tornadoes.
[12:58] <BluesKaj> heh, no kidding
[13:00] <BluesKaj> very rare around here
[15:23] <tomreyn> oerheks: have firefox upgrades been made available faster in the past?
[15:24] <tomreyn> (when they contained critical security patches, but i thinkt hat's almost the case, more or less)
[16:28] <oerheks> tomreyn,  i thought FF is on a 6 week cycle?
[16:29] <oerheks> something like that
[16:29] <tomreyn> oerheks: yu mean upstream releases are?
[16:30] <oerheks> yes? i see it in debian already
[16:30] <tomreyn> what i was asking about is time to patch, or how fast the upstream releases have hit ubuntu in the past.
[16:31] <oerheks> i don't remember exactly, normally firefox would appear 3-5 days afer release, chromium much later
[16:32] <tomreyn> i guess we could check mozilla security advisories vs USNs
[16:32] <tomreyn> ...comparing dates
[16:32] <tomreyn> Firefox https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/
[16:32] <oerheks> stable in debian https://packages.debian.org/search?keywords=firefox
[16:35] <tomreyn> paste firefox USNs https://www.google.com/search?q=host%3Ausn.ubuntu.com+firefox
[16:35] <tomreyn> *past
[16:36] <tomreyn> oerheks: not stable in debian, no. they use ESR
[16:38] <tomreyn> actualyl this link https://www.google.com/search?q=site%3Ausn.ubuntu.com+firefox
[16:38] <oerheks> oh indeed, sid gives 61 https://launchpad.net/debian/sid/+source/firefox
[16:39] <tomreyn> btw you got a private message if you dont ignore them
[16:39] <oerheks> so, maybe today or tomorrow, holding on on the 4-5 day cycle? but that cycle is just an observation
[16:39] <oerheks> yes i read it.
[16:40] <tomreyn> i dont know the usual time to patch, it's what i'm trying to determine now
[17:05] <tomreyn> oerheks: feel free to add to it in case you got some time: https://lite.framacalc.org/QdSF3zNebB
[17:11] <tomreyn> just pick some version from https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ and look up the usn
[17:17] <oerheks> 6 week cycle indeed https://wiki.mozilla.org/Release_Management/Calendar
[17:17] <oerheks> maybe i should just contact the mozilla team
[17:17] <tomreyn> about what? asking them to patch firefox in ubuntu?
[17:18] <oerheks> not patching, just the whole new version?
[17:20] <tomreyn> right, that's what i meant. but why would mozilla provide ubuntu packages? for all we know they have some kind of contract with ubuntu to define who does what (not) and to protect each others brands.
[17:20] <tomreyn> s/ubuntu/canonical/
[17:20] <oerheks> oh, i thought we waited for the debian branch to build first?
[17:21] <tomreyn> i tzhionk packaging firefox in ubuntu is independant from debian
[17:21] <tomreyn> *think
[17:22] <tomreyn> since canonical decided to do rolling releases for firefox in ubuntu some years ago.
[17:23] <tomreyn> before this, there was a team involving people form both debian and ubuntu working on backporting patches.
[17:23] <tomreyn> actually that was the very old times, then both debian dn ubuntu switched to esr, then ubuntu switched to rolling releases
[17:24] <tomreyn> dn -> and
[17:24] <tomreyn> that's from my memory, may be incorrect
[17:24] <oerheks> hasn't that changed when firefox changed to 6 week cycle too?
[17:24] <oerheks> this happened a few years ago, iirc
[17:28] <tomreyn> what do you mean changed then?
[17:29] <EriC^^> evening all
[17:30] <tomreyn> mozilla was never happy with distros shipping old firefox releases with backports, which is why they prohibited using the firefox brand on those backports, which is why there was iceweasel.
[17:30] <tomreyn> hi eric
[17:30] <EriC^^> hi tomreyn
[17:31] <oerheks> oh so far does my knowledge not go ..
[17:31] <oerheks> hi EriC^^
[17:31] <EriC^^> hi oerheks
[17:31] <oerheks> at a certain point, i read about firefox releasing a fresh version any 6 weeks, and seems correct looking at their timetable
[17:32] <oerheks> EriC^^, i am wondering why FF 61 is not in the repos yet
[17:32] <EriC^^> aha
[17:32] <oerheks> and what the 'normal' timeline is, between release and build
[17:32] <tomreyn> yes, i agree that they seem to have a 6 week release schedule. but this doesn't tell us how long it takes for upstream releases to arrive in ubuntu
[17:33] <oerheks> i migh be wrong looking a debian, expecting that package to show up
[17:33] <oerheks> jups
[17:33] <tomreyn> debian stable wont have 61.0.0
[17:33] <tomreyn> unless 61.0.0 will be selected as an ESR by mozilla
[17:34] <tomreyn> ESR = "extended support release"
[17:34] <oerheks> nope, 60 will jump to 68
[17:34] <tomreyn> so debian stable wont have 61
[17:35] <tomreyn> debian testing aklso uses ESR exclusively, i think
[17:36] <tomreyn> so either ubuntu syncs firefox from debian unstable (but i dont think they do) or they build it themselves.
[17:38] <tomreyn> chances are that canonical is bound to some contractual terms to be able to deliver "firefox" branded packages. such as not removing / modifying some things (default search engine? start page still getting the google cookie?)
[17:40] <tomreyn> i'm just making this up, have no idea what is there and what isn't, but it would seem logical for how businesses would set terms.
[18:42] <oerheks> tomreyn, > chrisccoulson> it will be published when it's in a releasable state and we can build language packs that work
[18:43] <oerheks> so it is a 2-trap rocket
[18:47] <tomreyn> thanks for sharing
[18:47] <tomreyn> while going over the USNs i notice that there have been many regressions and upstream follow up releases.
[18:48] <tomreyn> probably not the greatest packages to work on.
[18:49] <tomreyn> btw. my table is growing steadily
[18:49] <oerheks> I have no idea how hard that would be, i would like to contribute, but understanding how this packaging works is also valuable to pass on
[18:51] <tomreyn> looking at the launchpad bazaar(s) will probably provide more info on how packaging is done.