Debian Mozilla team

The Debian Mozilla team provides various versions of some Mozilla related packages for use on different Debian systems. The following wizard helps you to find the packages suitable for your system.

Please note the Iceweasel 3.6 packages that used to be provided here are not supported anymore, and you are strongly advised to update to esr or release. The outdated Icedove release was also removed in favor of an esr.

Support for oldstable (Squeeze) will not go further than version 24.

« I am running Debian and I want to install version »

You need to add the following entry in /etc/apt/sources.list or a new file in /etc/apt/sources.list.d/:

deb squeeze-backports main
deb squeeze-backports iceweasel-release

You can install it with the following commands:

$ apt-get update
$ apt-get install -t squeeze-backports iceweasel

Please report any problem to the list.

The archive is signed, so APT may complain until you add the archive key to your APT keyring.

You can do so by installing the pkg-mozilla-archive-keyring package. Once installed, you can check the key with the following command (requires the debian-keyring package to be installed):

$ gpg --check-sigs --fingerprint --keyring /etc/apt/trusted.gpg.d/pkg-mozilla-archive-keyring.gpg --keyring /usr/share/keyrings/debian-keyring.gpg pkg-mozilla-maintainers
pub   4096R/06C4AE2A 2010-11-20 [expires: 2012-11-14]
      Key fingerprint = 85F0 6FBC 75E0 67C3 F305  C3C9 85A3 D265 06C4 AE2A
uid                  Debian Mozilla team APT archive <>
sig!3        06C4AE2A 2010-11-20  Debian Mozilla team APT archive <>
sig!         54FD2A58 2010-11-20  Mike Hommey <>

1 signature not checked due to a missing key

The latter message about signature not being checked is expected, as the archive key is signed by two keys, but only one being in the Debian keyring at a given moment: 54FD2A58 is an old key that is going to be deprecated and replaced with A6AA8C72. You can thus also expect the last signature validation to differ depending on the Debian keyring version you use.

You may want to check the trust path from your key to the one that signed the archive key. Or you can choose to trust the Debian keyring.

The pkg-mozilla-archive-keyring package is available in Debian stable and squeeze-backports. If you're using version 1.0 of the package, it contains an expired version of the key and you need to upgrade it to version 1.1. If you don't, you'll see this kind of message when running apt-get update:

W: GPG error: squeeze-backports Release: The
following signatures were invalid: KEYEXPIRED 1352888501