No Firefox 60.6.3 ESR in Leap 15 update repository

I am looking for the latest version of Mozilla Firefox ESR and found that only provides MozillaFirefox-60.6.2-lp150.3.48.1.x86_64.rpm but no package for Mozilla Firefox 60.6.3.

There is a package MozillaFirefox-60.6.3-lp150.1.1.x86_64.rpm in

When i try want to add that repository in yast i get an error that the file “” cannot be downloaded and it is impossible to add that repository.

Checking some of the mirrors given in “” shows that some of the mirros can provide that file others can’t.

Whatsoever basically my question is: Why is there no package for Mozilla Firefox 60.6.3 provided in



I should have checked first !

I guess my problem is caused by the rsync service on beeing down for maintenance at the moment.



Why should there be?

The current version 60.6.2esr has the latest bug repair (about the switching off of add-ons).
And this is Leap, a stable release that will NOT provide the newest, but stick to what it was teste and released with as far as possible (security and recommened patches only).

Well, it depends on what one calls a “bug repair”.

I personally prefer a Firefox version that does not force me to enable Normandy in order to get back my add-ons.



I only used YaST Online Update (you could use zypper patch when you prefer), to get that repair. Nothing unusual. No Normandy (whatever that may be apart from a French Département).

I (and others) did so six days ago (post #26):

It allows Mozilla to conduct “Studies” … (and, to the OP, no, I don’t allow it either).


You may want to have a look here here to see why i don’t want to use it.

But as i already mentioned it is just my privat opinion: It makes no sense to me to use add-ons like “noscript” if i on the other hand i have to enable Mozilla to “spy on me”.



Just to make sure that not one of the other settings in my “user.js” is the culprit:

Does your *MozillaFirefox-60.6.2 *keep your add-ons enabled when you set “app.normandy.enabled” to “false” and “app.normandy.api_url” to “”?



As you may have understood: no, I do not use it. I just updated using YaST after the update was made available by the openSUSE devs. That Normandy was never subject in this thread until you introduced it.

So did i (to tell the truth: i used zypper up not yast) and found that my add-ons were still disabled.

Some analysis led me to the conclusion (which might be wrong), that disabling normandy causes FF 60.6.2esr to disable the add-ons. So i installed FF 60.6.3esr (from Mozilla) and found that it will enable my add-ons even if normandy is disabled.

Sorry! It is my fault that i expressed myself not clear enough here (my English isn’t that good).

The point i want to make is:

To me FF 60.6.2esr is not really a remedy for the certificate bug (because it forces you to enable Normandy what i consider to be a privacy leak). From my point of view only FF 60.6.3esr is a real remedy for the certificate bug and therefor FF 60.6.3esr should be provided via the Leap 15.0 update repository.

However that is just my personal opinion.



I’m using 66.0.5 (from and with that version add-ons remained enabled with “app.normandy.enabled” set to false.

I hadn’t removed “app.normandy.api_url” (

Setting that to an empty string and also, although you hadn’t mentioned it, setting “app.normandy.user_id” and “app.normandy.first_run” to empty strings, add-ons remained enabled. After closing and restarting Firefox add-ons remained enabled. Whether that is different behaviour to 60.6.2 I’m afraid I don’t know.

Sorry, for “app.normandy.first_run” I meant false, but I guess you would have realised that :).

That is definitely not what others experience. Read that thread I pointed you to (and maybe even the openSUSE Bugzilla it points to and the Mozilla Bugzilla it points to).

Since six (6) days there is a solution available to all users of supported openSUSE version without reverting to something called Normandy, but as usula through the Update repo.
Several there report that it works (and because I do not see people there that report that it does not work for them, I assume it also works for many others).

Personally, I have Leap 15.0, switched off all spying by Mozilla in the Security settings (and now added the about:config setting mentioned above). I had the problem (as you see I was the first one reporting it here in the forums), I used the by-pass advised by @Tannington, I waited until the patch was in the Update repo. I applied YOU. I dismantled the by-pass. All works as a charm.

So when you have different, I might be interesting to find out why it differs on your system. I doubt that struggling to get another, not supported by LEAP 15.0, FF version is a good idea.

Thank you very much for your feed back!

Due to the current partial outage of the openSUSE mirror infrastructure i had problems to add this repository (see my very first post).

I use FF 66.0.4 on openSUSE Tumbleweed and that keeps my add-ons enabled even if normandy is disabled.

However i would prefer to use with openSUSE Leap 15.0 only the standard repositories (oss, non-oss, update plus Packman) to keep my system up-to-date and functional and therefor would like to have FF 60.6.3 in the update repository for Leap 15.0.

But it’s not up to me to decide if that will happen …



I agree 100% with you!

Since long i use (mainly for privacy reasons) a set of “tweaks” (mostly from ghacksuserjs) with FF in a user.js file and all i can tell for sure is:

  • this user.js file worked before the “certificate bug” happend
  • this user.js file works with FF 60.6.3esr
  • this user.js file does NOT work with 60.6.2esr (i.e. all add-ons will be disabled / no add-ons can be installed)
  • this user.js file works with FF 66.0.4

There are quite a few “tweaks” (>> 100) in that user.js file. Although i suspect disabling shield and/or normandy and/or telemetry being the cause of my problem with FF 60.6.2esr i can’t tell for sure.

Considering the fact, that only FF 60.6.2esr causes me problems i will continue use Mozillas FF 60.6.3esr (which i installed in /opt) until the openSUSE Leap 15.0 update repository provides an even newer version which then hopefully fixes what seems to be my very individual problem.



Maybe thinking of testing:

I have no idea how those test-repositories work (when are they updated, how long stay packages in there, what quality do those packages have, …) and i actually would prefer to use (with openSUSE Leap 15.0) only the standard repositories (oss, non-oss, update) plus Packman.

Nevertheless thank you very much for the hint!



Before any packages goes to the Update Repo, it will be tested in the Update-Test Repo.
So it will be staying there some days (weeks) and tested.

You can also help and test the package…

Just to give this thread a proper closure:

MozillaFirefox 60.6.3-lp150.3.51.2 arrived in the openSUSE Leap 15.0 update repository. Thanks to everybody who made this happen!

Switching my system back to this version i found that it works (as expected) flawlessly even when using my user.js file.
I have to admit that i did not spent the time to work out which of the 100+ settings in my user.js caused the problem with MozillaFirefox 60.6.2. So we will never know … :wink:



Just a note. I have been following the bug report (bug 1134127) since soon after the problem was reported. That’s the problem with firefox extensions. And I have seen continued activity on that bug from its onset.

They first provided a temporary fix (which you didn’t like). And then I saw the final fix show up yesterday. And that’s what you found in the repo.

Three cheers for the great support from the openSUSE developers/maintainers team.