We are stuck with Firefox at 3.6.7 that has known security bugs, all the while 3 newer versions where released in 54 days. v.3.6.10, released September 15th: Fixed a single stability issue affecting a limited number of users v.3.6.9, released September 7th, 2010 MFSA 2010-63 Information leak via XMLHttpRequest statusText MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS MFSA 2010-61 UTF-7 XSS by overriding document charset using <object> type attribute MFSA 2010-59 SJOW creates scope chains ending in outer object MFSA 2010-58 Crash on Mac using fuzzed font in data: URL MFSA 2010-57 Crash and remote code execution in normalizeDocument MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView MFSA 2010-55 XUL tree removal crash and remote code execution MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText MFSA 2010-52 Windows XP DLL loading vulnerability MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array MFSA 2010-50 Frameset integer overflow vulnerability MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12) v.3.6.8, released July 23rd, 2010 MFSA 2010-48 Dangling pointer crash regression from plugin parameter array fix This should be promptly corrected! -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
