Description of problem: Replace Mozilla with XULRunner as per this: http://www.redhat.com/archives/fedora-devel-list/2006-June/msg00336.html
However, XULrunner will not be ready in time for FC6. According to caillon, the current XULRunner is a "developer preview" and not suitable for shipping. If we want gecko 1.8 in the fc6 timeframe (and e.g. epiphany and yelp require it now), then we need to move seamonkey into core.
This is not about FC6. This is about FC5. At present, Mozilla 1.7.13 is unsupported and it contains security holes which are affecting Epiphany and any other software that depends on it in a supported version of FC (i.e. version 5). Either Mozilla needs to be patched to remove security holes or Seamonkey introduced in its place or the whole thing needs to be replaced with XULRunner
Sorry, one other possibility here: Epiphany and other stuff can also be linked against FF, of course.
(In reply to comment #3) > Sorry, one other possibility here: Epiphany and other stuff can also be linked > against FF, of course. FF is static linked , and so cannot be linked against
Epiphany and Galeon and such support linking against Firefox, so clearly it is possible. The fedora firefox package is missing a firefox-devel sub package...
Regarding comment #4: Even if that's true, it can surely be changed.
If Bugzilla is a democracy, let me just make my vote and say I'm going to install SeaMonkey anyhow. Can't it be done for both FF and SeaMonkey to be in core and provide Gecko to other packages? Both FF 1.5 and SM 1.0 have Gecko 1.8, both FF 2.0 and SM 1.5 will have Gecko 1.9. Right now I have Mozilla and SeaMonkey (funny, isn't it?) on my FC5, because stuff "depend" on Mozilla (but I use most of it with SeaMonkey 1.5a anyhow).
Change the summary to reflect the actual request.
Firefox is definitely not statically linked in Fedora, try: ldd /usr/lib/firefox-1.5.0.4/firefox-bin (/usr/bin/firefox is just a shell script.)
(In reply to comment #7) > Both FF 1.5 and SM 1.0 have Gecko 1.8, correct > both FF 2.0 and SM 1.5 will have Gecko 1.9. my understanding of current mozilla.org plans, which might be wrong and might change, is: FF 2.0 and SM 1.1 will be Gecko 1.8.1 some time in the future FF 3 and SM 1.5 will be Gecko 1.9 > Right now I have Mozilla and SeaMonkey (funny, isn't it?) on my FC5, because > stuff "depend" on Mozilla (but I use most of it with SeaMonkey 1.5a anyhow). I think the difficult part is, that Mozilla 1.7.x packages provide the "runtime" GRE that other apps embed. When I created the SM package for FE I did not include GRE, because it would conflict with the one in 1.7.x, and I don't know whether the 1.8 APIs are still compatible with the 1.7 ones.
In relation to this from comment #10: > When I created the SM package for FE I did not include GRE, because it would conflict with the one in 1.7.x, and I don't know whether the 1.8 APIs are still compatible with the 1.7 ones. This is all well and good, but FC5 is still supported and it will be for some time. Therefore, all those apps that depend on Mozilla (which is currently unpatched and contains known security issues) should either be linked against something else or dropped as unsupported. Epiphany can be built against FF, according to the authors. As for the rest, I guess the only way to find out is to read the docs and then try it. It has now been over 3 weeks since all those security issues have been disclosed. Time to make some decisions...
The whole thing is going to affect RHEL as well, so it's going to be interesting to see which direction is that going to take...
My understanding is that Christopher Aillon has been working with a community of developers to create backported patches for Mozilla-1.7.13, because this is the Mozilla used in Red Hat Enterprise Linux at present. (See Bug #193906.) I would not doubt that once packages are available there for 1.7.13, that around the same time, 1.7.13 packages would also be available for Fedora Core. My understanding is also that since the Mozilla-1.7.x series is no longer supported by the Mozilla Foundation, but Seamonkey is being supported as an app that would appear to have the same features as Mozilla, that RHEL is moving towards Seamonkey down the road. I am not sure what the plans are for Fedora Core, but I would imagine that they would be parallel or similar, since RHEL and Fedora Core have many of the same developers. For a some more information, see the discussion thread starting here, in the fedora-security-list archives: <http://www.redhat.com/archives/fedora-security-list/2006-June/thread.html#00022>. Hope this helps. -David
If Christopher is working on patches for 1.7.13, then he can close this bug as WONTFIX or mark it as duplicate of bug #193906.
It is not wontfix and it is not a duplicate of the aforementioned bug.
> It is not wontfix and it is not a duplicate ... Hm, I for one lost a patience a while ago and replaced mozilla on FC5 with a seamonkey-1.0.4 with a spec file derived from the one used in updates to RHEL4. Edits boil down to a emoval of nss and nspr subpackages and changing a configuration to --with-system-nss and --with-system-nspr. As opposed to seamonkey packages from extras what I recompiled _replaces_ mozilla packages, and provides various "mozilla..." things, instead of beeing installable side-by-side. This clearly requires recompilation of some other packages (yelp, devhelp, ...), so some libraries in different locations can be found, but this was not an issue. FWIW I am running like that for some time and I do not see so far any ill-effects. Not informed about the change other users failed to notice anything unusual. :-) BTW - doing the same for older distributions, like FC4, requires even less changes in a spec file.
I lost track of this. Is the update for FC5 now Seamonkey from Extras?
> Is the update for FC5 now Seamonkey from Extras? Nope. Seamonkey has to be recompiled in the same manner, in principle, as packages from RHEL to provide, among other things, an executable called "mozilla" and also mozilla, with a suitably high version, in "Provides" or various things will break. Also other packages have to be recompiled as they use mozilla (seamonkey) supplied libraries. For sure yelp and devhelp and also, I think, thunderbird and epiphany. Probably this is complete list. In FC6 those programs depend on 'firefox' instead. You can surely use seamonkey from extras as a browser instead of your current mozilla.
I may be trying to compile Seamonkey-1.0.6 for FC5 in the i386 arch. Is anyone interested in the output of that? I could try and post it somewhere if folks are interested....
Looks like the replacement went ahead, but now seamonkey has disapeared from FC5, user not knowing what to do can't use seamonkey anymore. I would think that since seamonkey is replacing mozilla, there should have been links created or something for mozilla but leaving seamonkey alone. In my particular case, my seamonkey icons in all my users desktops no longer work, I had to manually install the other components (mozilla-mail and mozilla-chat) and now my mail no longer shows anything, no folders no e-mail accounts, nothing. I would say this was a bad decision. Leave seamonkey the way it was before and add new mozilla packages that just need seamonkey and that create links or something.
It appears that the action has taken place that this bug report requested, with the release of seamonkey-1.0.7-0.6.fc5, which happened on January 5th -- see Bug #219365 and also the release note by Martin Stransky to the fedora- package-announce mailing list: <http://www.redhat.com/archives/fedora-package-announce/2007-January/msg00024.html>. Although the above announcement doesn't explicitly say it, my impression is that seamonkey-1.0.7-0.6.fc5 is a mozilla *replacement* and overrides the FC5 seamonkey that had been maintained in Fedora Extras by Kai Engert. Note to Jairo: If you are still having the problem you note in comment #20 of this bug report, I recommend you file a new bug against Seamonkey for product "Fedora Core"/FC5, when the new "seamonkey" component is available in Bugzilla to file a bug report against. (See Bug #222811). Closing this bug report ERRATA.