Few days ago, a new security vulnerability was posted in Tor's mailing list and it contains a PoC which affects Firefox and Thunderbird and it's currently being used to exploit TorBrowser users. Mozilla quickly being notified and they released an update to their products followed by others. After analyzing it, turns out it's a SVG Animation remote code execution. It targets for Windows users, but the underlying bug is also available on other platforms as well.

Slackware include the latest Firefox and Thunderbird products in their latest update. Stable release still receive an ESR version, which is still at 45.x branch. TorBrowser is also using ESR as their baseline. They also release a new version: 6.0.7.

Another update was a request by me to include a patch to fix a problem i found while testing MATE 1.17. During creating the tarball by using make distcheck, it failed to build properly. One of MATE's developer (monsta) pointed to a bug report in LP and there was a patch to fix this issue, but somehow upstream no longer update the repository and the development seems to be stalled. Last commit was in January 2016. I send a request to Patrick and he agreed to include it on stable and current.

Two security updates for Slackware 14.1 and current has been released and that are Firefox and Thunderbird. This is a regular security update that has been regularly pushed by Pat for Slackware 14.1. Firefox in 14.1 still follows the ESR release, while Thunderbird is following latest release.

Meanwhile, in -current there are several updates:

• vim and vim-gvim: upgraded to 7.4.640
• gdb: Upgraded to 7.9
• nmap: Upgraded to 6.47
• glew: Rebuilt to include libGLEWmx
• Fluxbox: Upgraded to 1.3.7
• xChat: Don't force to use SSLv3

0.1.3, 23 Oct 2014

* The default keyserver (hidden service) has been updated:

- hkp://qdigse2yzvuglcix.onion

* Show the Sender header in message pane (closes #10226)

* Draft messages on IMAP accounts are now saved locally (closes #10309)

* Restore preferences to the user's own defaults instead of Thunderbird's

(closes #10588)

* network.proxy.no_proxies_on is no longer set to "localhost, 127.0.0.1"

(thanks to Carsten N.)

* Disable automatic downloading of new messages for POP3 accounts

(closes #11188)

* Update the reply_header author behaviour (closes #13480)

* TorBirdy is now available in 31 languages:

- Arabic

- Catalan

- Czech

- Danish

- German

- Greek

- English (US)

- English (Great Britain)

- Spanish

- Basque

- French

- Hebrew

- Hungarian

- Indonesian

- Italian

- Korean

- Latvian

- Norwegian Bokmål

- Norwegian Nynorsk

- Punjabi

- Polish

- Portuguese

- Portuguese (Brazil)

- Romanian

- Russian

- Slovak

- Slovenian

- Serbian

- Swedish

- Turkish

- Ukrainian

Firefox and Thunderbird has been upgraded to 16.0.1, the latest version available that also fixed some problem that were notified in just-released Firefox 16.0 few days ago. Both package went to -Current and also -Stable version of Slackware.