Language Selection

English French German Italian Portuguese Spanish

Mozilla disputes Firefox flaws

Filed under
Moz/FF

Mozilla's security chief Tuesday panned a pair of Firefox bugs revealed Monday as low-level threats but hours later changed her mind and said that when used together, they could pose a greater risk.

The researcher who disclosed the vulnerabilities agreed with her. Mostly.
Michal Zalewski, who regularly publishes browser flaw findings, on Monday posted details on the Full-disclosure mailing list about four browser vulnerabilities, including two affecting Firefox. He categorized one as a "major" threat, and he saw the other as only a "medium" threat.

In an entry on the Mozilla security blog -- which debuted last week -- Window Snyder, the company's chief security officer, said the more serious of the two bugs found by Zalewski was no more than a spoofing vulnerability and deserved only a "low" rating.

More Here.




Also: AllPeers Reaches Agreement to Offer Mozilla Firefox with AllPeers Bundle

More in Tux Machines

Red Hat CEO: Here's how to create an 'Open Organization'

In a brand-new book, Red Hat CEO Jim Whitehurst explains what he's learned from leading the largest open source company and how the lessons can be applied Read more Also:

  • The open source CEO strikes again
    In The Open Organization, Red Hat CEO Jim Whitehurst presents a compelling, modern alternative to the traditional, top-down hierarchy of business organization. I had the pleasure of interviewing Whitehurst for TechCrunch.com in early 2012, and the seeds of many of the ideas in the book were clearly present even then. Reading The Open Organization felt, in some ways, like the conclusion to that interview.
  • Why I Wrote "The Open Organization"
    In my line of work, I get a lot of questions. Most of these are along the lines of "What's it like to be CEO of an open source company" or “Where do you see technology moving over the next year?”

today's leftovers

Fedora's "Fedup" To Be Replaced In Fedora 23

Fedup right now is the command for handling in-place Fedora upgrades from release-to-release and it's been around since Fedora 17. However, with the Fedora 23 release due out in late 2015, that utility will likely be replaced with a new version to handle upgrading to new releases. Read more

Security and Linux