Package Details: palemoon-bin 1:33.0.2-1

Git Clone URL: https://aur.archlinux.org/palemoon-bin.git (read-only, click to copy)
Package Base: palemoon-bin
Description: Open source web browser based on Firefox focusing on efficiency.
Upstream URL: http://linux.palemoon.org/
Keywords: browser goanna web
Licenses: GPL, MPL, LGPL
Conflicts: palemoon
Provides: palemoon
Submitter: sumt
Maintainer: oberon2007 (WorMzy)
Last Packager: oberon2007
Votes: 195
Popularity: 0.044507
First Submitted: 2014-06-03 14:55 (UTC)
Last Updated: 2024-03-30 09:05 (UTC)

Latest Comments

1 2 3 4 5 6 .. 17 Next › Last »

WorMzy commented on 2023-06-12 10:09 (UTC)

EU mirror is offline due to server issues, use the US mirror instead (it is commented out in the PKGBUILD).

purpleleaf commented on 2023-06-12 09:49 (UTC)

The package is offline again....

Ralf_Mardorf commented on 2023-05-17 17:40 (UTC)

Hi, writing a comment related to "unknown public key" is a funny faux pas. Another subscriber already provided the solution. However, at least palemoon-gtk3-bin ( https://aur.archlinux.org/packages/palemoon-gtk3-bin ) is provided by https://wiki.archlinux.org/title/unofficial_user_repositories#chaotic-aur . Regards, Ralf

micwoj92 commented on 2023-05-17 17:29 (UTC)

gpg --recv-keys 865E6C87C65285EC

keepitsimpleengr commented on 2023-05-17 17:28 (UTC) (edited on 2023-05-17 17:38 (UTC) by keepitsimpleengr)

[--ljohnson{10:23:26}palemoon-bin]$ makepkg -srci\ ==> Making package: palemoon-bin 1:32.2.0-1 (Wed 17 May 2023 10:24:02 AM PDT)\ ==> Checking runtime dependencies...\ ==> Checking buildtime dependencies...\ ==> Retrieving sources...\ -> Found palemoon.desktop\ -> Found palemoon-32.2.0.linux-x86_64-gtk2.tar.xz\ -> Found palemoon-32.2.0.linux-x86_64-gtk2.tar.xz.sig\ ==> Validating source files with sha256sums...\ palemoon.desktop ... Passed\ palemoon-32.2.0.linux-x86_64-gtk2.tar.xz ... Passed\ palemoon-32.2.0.linux-x86_64-gtk2.tar.xz.sig ... Skipped\ ==> Verifying source file signatures with gpg...\ palemoon-32.2.0.linux-x86_64-gtk2.tar.xz ... FAILED (unknown public key 865E6C87C65285EC)\ ==> ERROR: One or more PGP signatures could not be verified!

dreieck commented on 2022-08-06 14:15 (UTC)

Fails to download source:

  -> Downloading palemoon-31.2.0.linux-x86_64-gtk2.tar.xz...
--2022-08-06 16:03:27--  https://linux.palemoon.org/datastore/release/palemoon-31.2.0.linux-x86_64-gtk2.tar.xz
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving linux.palemoon.org (linux.palemoon.org)... 2a01:4a0:68:1::492a, 80.255.7.132
Connecting to linux.palemoon.org (linux.palemoon.org)|2a01:4a0:68:1::492a|:443... connected.
HTTP request sent, awaiting response... 404 Not Found
2022-08-06 16:03:28 ERROR 404: Not Found.

WorMzy commented on 2022-03-21 17:06 (UTC) (edited on 2022-03-21 17:26 (UTC) by WorMzy)

Please note that the 30.0.x release has been pulled while upstream deal with the fallout of the actions a disgruntled contributor. While there is nothing suggesting the 30.0.x releases are compromised in any way, the lead dev is understandably too busy performing damage control to support the 30.0.x release and is recommending people stick to 29.4.4 for the time being.

More details at https://forum.palemoon.org/viewtopic.php?f=1&t=28044

dmnc commented on 2022-02-13 14:26 (UTC)

Importing Moonchild's key (8FCF9CEC) doesn't solve the problem, just the old key from Travis (travawine@protonmail.com) but afaik we can trust this key.

Ralf_Mardorf commented on 2021-07-21 10:28 (UTC)

Assuming the fingerprint is correct, verified by a web of trust, a signed checksum is used, to grant a sources used by a PKGBUILD is unmodified. This for example ensure that nobody hacked the download page and replaced the source by a modified malicious source. You always only have the word of the person providing the source with the signed checksum for download, but at least nobody else can do something harmful. You better don't skip the validation. While fingerprints and the web of trust are sensitive topics, still consider to use checksums.