Purebrowser Out-of-Date

ezs777 · July 27, 2017, 4:14pm

Why is Purebrowser at Firefox version 46? Most of the add-ons that I try to install are incompatible. Can I easily install Firefox in Pure OS?

mladen · July 28, 2017, 10:02am

Because it is based on Firefox Extended Support Release (ESR). You can download Firefox from Mozilla’s website and install it manually (deb file, install via dpkg -i terminal command), but I don’t recommend this.

ezs777 · July 29, 2017, 12:03am

I’m confused about this, because Debian 9 comes with Firefox ESR, and it’s not as out of date as Purebrowser in Pure OS. Were you planning on updating it to a newer version soon?

Also, why don’t you recommend manually installing Firefox in Pure OS?

Christian_Kaindl · July 29, 2017, 8:11am

Firefox ESR is on version 52, not 46…

mladen · July 29, 2017, 8:54am

Oh, this is what you are asking. Yes, it is outdated currently, but our dev is working on it.

First of all, I don’t recommend Firefox at all, unless you are interested enough to “tune it” for privacy. Look at this, for example: https://git.parabola.nu/abslibre.git/tree/libre/iceweasel/vendor.js

Second, sometimes out of the repo (3rd party package) install may not work because of the unmet dependencies and it will cause you just a headache.

Our PureBrowser is outdated, but recently we have two new Debian developers joined to our team, they started working on PureBrowser and other packages to bring them up to date.

ezs777 · July 29, 2017, 12:57pm

Good to know. Thanks for the progress report!

tez · November 9, 2017, 2:27am

Looks like Firefox Quantum is coming out soon with apparently much improved speed - is Purebrowser going to be updated to this version?

Purebrowser being on version #46 when the current release is at something like #57 - doesn’t that in itself make it far less secure than an up to date release? #46 came out in April 2016, I can’t imagine how many security holes have been patched since then. Or, do the Purism devs apply security patches to Purebrowser? If not, it would seem to me far more a security risk to use Purebrowser than, say, an up to date version of Chromium. Would that be a fair assessment?

deepthought · March 21, 2018, 2:05am

Purebrowser may contain critical security vulnerabilities from the un-updated ESR version of firefox that it is based upon: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/