OS upgrading tips to minimise overhead (rebuilding etc)

Clemens Lang cal at macports.org
Fri Feb 23 20:55:53 UTC 2024 

Hi,

On Fri, Feb 23, 2024 at 06:51:47PM +0100, René J.V. Bertin wrote:
> I was just informed that Firefox will break the sync function in older
> versions of its browser, including the 78 esr I've been using for the
> past years. It seems that might finally motivate me to upgrade my MBP
> to the latest OS it supports officially (10.13). 

Firefox 78 ESR saw its last update on 2021-10-05, 2 years and 4 months
ago. You're surfing without all security updates released in Firefox
91.3 or later. (I am assuming that 78.15 fixed the same issues as 91.2,
which were released simultaneously.)

See
  https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
for a list.

That includes at least the following critical remote code execution
vulnerabilities, some of which are known to be actively exploited:
 - CVE-2022-26485
 - CVE-2022-26486
 - CVE-2022-1802
 - CVE-2022-1529
 - CVE-2023-4863
 - CVE-2023-5217

On top of that, there are 140 CVEs rated high that your browser probably
doesn't have fixes for.

You really shouldn't have been using this browser anymore. This is how
machines become part of a botnet, that then ends up sending spam.



> Anyone willing to share tips on how to make this the least invasive
> and/or disrupting chore, including NOT forcing a rebuild of every port
> I have installed? Are there any ports that are likely or known to
> require a rebuild because of changes in system frameworks? Possible
> candidates I could think of are Qt5 and complex ports like webkit2-gtk

You did not include the version you're upgrading from, so this is
impossible to answer. However, regardless of what your current version
is, not rebuilding the ports on upgrade is unsupported.

What Apple explicitly supports is keeping the old binaries unmodified.
You can keep a copy of your old binaries, install a separate copy of
MacPorts and install ports using that new copy when you want newer
versions. Of course that'll also mean that you can't install security or
other updates for your old ports, so I'd advise against it.

-- 
Clemens

More information about the macports-users mailing list