Language Selection

English French German Italian Portuguese Spanish

Mozilla disputes Firefox flaws

Filed under
Moz/FF

Mozilla's security chief Tuesday panned a pair of Firefox bugs revealed Monday as low-level threats but hours later changed her mind and said that when used together, they could pose a greater risk.

The researcher who disclosed the vulnerabilities agreed with her. Mostly.
Michal Zalewski, who regularly publishes browser flaw findings, on Monday posted details on the Full-disclosure mailing list about four browser vulnerabilities, including two affecting Firefox. He categorized one as a "major" threat, and he saw the other as only a "medium" threat.

In an entry on the Mozilla security blog -- which debuted last week -- Window Snyder, the company's chief security officer, said the more serious of the two bugs found by Zalewski was no more than a spoofing vulnerability and deserved only a "low" rating.

More Here.




Also: AllPeers Reaches Agreement to Offer Mozilla Firefox with AllPeers Bundle

More in Tux Machines

Red Hat and Fedora

FOSS Events: LCA and systemd.conf

  • 5 great linux.conf.au talks (that aren't about Linux)
    linux.conf.au, otherwise known as LCA, is one of the world's longest-running open source events. LCA has been held in a different city around Australia and New Zealand almost every year since 1999. Despite the name, linux.conf.au is a generalist open source conference. LCA hasn't been just about Linux for a long time. Rather, the conference focuses on everything to do with open source: the software, hardware, and network protocols that underly it. LCA also has a strong track on free and open culture, exploring how open source interacts with science, government, and the law.
  • FINAL REMINDER! systemd.conf 2016 CfP Ends on Monday!
    Please note that the systemd.conf 2016 Call for Participation ends on Monday, on Aug. 1st! Please send in your talk proposal by then! We’ve already got a good number of excellent submissions, but we are very interested in yours, too!

OSS Leftovers

Programming