Language Selection

English French German Italian Portuguese Spanish

Mozilla disputes Firefox flaws

Filed under
Moz/FF

Mozilla's security chief Tuesday panned a pair of Firefox bugs revealed Monday as low-level threats but hours later changed her mind and said that when used together, they could pose a greater risk.

The researcher who disclosed the vulnerabilities agreed with her. Mostly.
Michal Zalewski, who regularly publishes browser flaw findings, on Monday posted details on the Full-disclosure mailing list about four browser vulnerabilities, including two affecting Firefox. He categorized one as a "major" threat, and he saw the other as only a "medium" threat.

In an entry on the Mozilla security blog -- which debuted last week -- Window Snyder, the company's chief security officer, said the more serious of the two bugs found by Zalewski was no more than a spoofing vulnerability and deserved only a "low" rating.

More Here.




Also: AllPeers Reaches Agreement to Offer Mozilla Firefox with AllPeers Bundle

More in Tux Machines

SUSE: GNU Health Project, Uyuni, OpenSUSE Leap 15

  • openSUSE Donates 10 More Raspberry Pis to GNU Health
    The openSUSE Project once again donated 10 Raspberry Pis to GNU Health Project, which were handed over to the project’s founder Luis Falcon at the openSUSE Conference today. Last year, the openSUSE Project donated 10 Raspberry Pis to the non-profit, non-government organizations (NGO) that delivers free open-source software for health practitioners, health institutions and governments worldwide.
  • Uyuni: Forking Spacewalk with Salt and Containers
    Members of a new open source community project called Uyuni announced today at openSUSE Conference that a fork of the open-source systems management solution Spacewalk is on its way.
  • OpenSUSE Leap 15 released (Linux with enterprise features)
    The latest version of OpenSUSE is out today, bringing a new installer, improvements for cloud usage, and support for the GNOME and KDE desktop environments. OpenSUSE Leap 15 is also more closely aligned with SUSE Linux Enterprise (SLE), making it easy for users to migrate from the community-based operating system to the professional version that offers better stability and long-term support, among other things.

Android Leftovers

openSUSE Leap 15 Released! See what's New

The latest openSUSE release Leap 15 is here with updated software, Wayland support and an easier upgrade procedure to the famed SUSE Linux Enterprise Edition. Read more

Android Leftovers