Re: Security of Firefox (was Re: VDQ : Firefox, Fedora -- and yum?)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



beartooth wrote:
> On Fri, 20 Jan 2006 11:19:59 +0000, Paul Howarth wrote:
>
>
>> Beartooth wrote:
>>
>>> On Thu, 19 Jan 2006 18:37:44 +0000, Paul Howarth wrote:
>>>
>>>
>>>
>>>> Beartooth wrote:
>>>>
>>>
>>> Gee, and I'd've sworn I saw some ballyhoo weeks and weeks ago to the
>>> effect that 1.5 was a big security fix. Worse, I *thought* what I read
>>>  said it wasn't for once just another MS problem, but something *in*
>>> Firefox. Maybe I better go on avoiding it a while yet. What I have is
>>>  1.0.7. Thanks!
>>>
> [....]
>
>> If there is a real security issue with firefox 1.0.x (I don't know if
>> there is or not), I'd expect an FC4 update that either:
>>
>> (a) updated to a later version that fixed the problem, or (b) included
>> a backported fix in the existing version
>>
>> The choice between the two largely depends on what the impact of a
>> significant version upgrade would be on users/other applications that
>> depend on the package. If there are significant plugin
>> incompatibilities between firefox 1.0.x and 1.5.x then I'd expect the
>> second option to be chosen if possible.
>
> I've since gotten a CERT alert, available at
>
>
> http://www.us-cert.gov/cas/techalerts/TA04-261A.html

Are you sure you have the correct link?  That link is for vulnerbilities
that existed in the Pre-1.0 Firefox.  They are definitely fixed in 1.0.7.


-- 
William Hooper


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux