On Mon, 2010-09-20 at 15:28 +0200, Bram_Gro wrote: > On 09/20/2010 02:47 PM, Ankur Sinha wrote: > > On Mon, 2010-09-20 at 14:30 +0200, Bram_Gro wrote: > >> On 09/20/2010 01:34 PM, Ankur Sinha wrote: > >>> On Mon, 2010-09-20 at 13:19 +0200, Bram_Gro wrote: > >>>> We are stuck with Firefox at 3.6.7 that has known security bugs, all > >>>> the while 3 newer versions where released in 54 days. > >>>> > >>>> > >>>> v.3.6.10, released September 15th: > >>>> > >>>> Fixed a single stability issue affecting a limited number of users > >>>> > >>>> v.3.6.9, released September 7th, 2010 > >>>> > >>>> MFSA 2010-63 Information leak via XMLHttpRequest statusText > >>>> MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document > >>>> allows XSS > >>>> MFSA 2010-61 UTF-7 XSS by overriding document charset using<object> > >>>> type attribute > >>>> MFSA 2010-59 SJOW creates scope chains ending in outer object > >>>> MFSA 2010-58 Crash on Mac using fuzzed font in data: URL > >>>> MFSA 2010-57 Crash and remote code execution in normalizeDocument > >>>> MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView > >>>> MFSA 2010-55 XUL tree removal crash and remote code execution > >>>> MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection > >>>> MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText > >>>> MFSA 2010-52 Windows XP DLL loading vulnerability > >>>> MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array > >>>> MFSA 2010-50 Frameset integer overflow vulnerability > >>>> MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12) > >>>> > >>>> v.3.6.8, released July 23rd, 2010 > >>>> > >>>> MFSA 2010-48 Dangling pointer crash regression from plugin parameter > >>>> array fix > >>>> > >>>> > >>>> This should be promptly corrected! > >>>> > >>> > >>> I can see a build in koji for it[1]. Please file a bug requesting the > >>> maintainer to submit the build as an update. For some reason, the build > >>> has not been submitted to testing. > >>> > >>> [1] > >>>> http://koji.fedoraproject.org/koji/packageinfo?packageID=37 > >>> > >> I Get Error code: ssl_error_handshake_failure_alert when trying to > >> create a account and login at http://koji.fedoraproject.org/koji/login > >> to contact Xhorak, or for the general submittal of a update request. > >> > > > > hi, > > > > you need to signup at bugzilla.redhat.com and submit a bug there. > > > > https://bugzilla.redhat.com/show_bug.cgi?id=635659 (priority should have > been urgent). > Thank you for the bug report. -- Thanks! Regards, Ankur https://fedoraproject.org/wiki/User:Ankursinha "FranciscoD" -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
