Language Selection

English French German Italian Portuguese Spanish

Firefox 10 relieves add-on updating pain

Filed under
Moz/FF

Mozilla today patched eight vulnerabilities in Firefox as it shipped the latest iteration in its rapid release schedule.

Firefox 10, sixth in the line of updates that have been rolling off the development line every six weeks since mid-2011, fixed half a dozen flaws rated "critical," Mozilla's highest threat ranking, and another two labeled "high."

One of the notable vulnerabilities addressed in Firefox 10 could open users to cross-site scripting (XSS) attacks because the browser did not properly run a security check when calling untrusted scripting objects, said Mozilla.

"The fix enables the Script Security Manager (SSM) to force security checks on all frame scripts," an accompanying advisory noted.

rest here

Release Notes




More in Tux Machines

Open source Linux-on-Zynq SBC debuts new FPGA add-on standard

Opal Kelly’s “SYZYGY Brain-1” SBC, which runs Linux on a Zynq-7012S, is a proof of concept for its SYZYGY standard for FPGA-driven peripherals. FPGA development firm Opal Kelly has gone to Crowd Supply to launch a development board to showcase its SYZYGY standard for FPGA peripheral expansion. SYZYGY bridges the gap between Digilent’s low-speed Pmod connector and the higher-end VITA 57.1 FMC (FPGA Mezzanine Card) standard. The open source, 110 x 75mm SYZYGY Brain-1 SBC runs Linux on a Xilinx Zynq-7012S SoC, a member of the FPGA-enabled Zynq-7000S family, which offers single Cortex-A9 cores instead of dual dual cores on the Zynq-7000 series. Read more

Why Linux can make you feel thankful or merely stuffed

There are many reasons why I came to appreciate Unix and then Linux and why they became such an important part of my life. These operating systems provided a focus and a career specialty that I've greatly enjoyed. I appreciate Linus Torvalds and the many thousands of developers who have contributed their time and energy into building a powerful, efficient and enjoyable operating system. I appreciate the many tools and commands that make them so easy to use and get my work done. And I appreciate the chances that I've had to share what I've learned with so many others. It's been fun, and it's been very rewarding. Read more

Ubuntu-Based ExLight Linux OS Is One of the Few to Use Latest Enlightenment 0.22

ExLight Build 171121 replaces last week's Build 171112, which used the older Enlightenment 0.20 desktop from the Ubuntu 17.10 (Artful Aardvark) software repositories, to update Enlightenment to the latest 0.22 release that the developer compiled from sources. This makes ExLight one of few distros to use Enlightenment 0.22. "Version 171112 uses Enlightenment 0.20 installed from Ubuntu’s repositories. Build 171121 of ExLight uses Enlightenment 0.22 installed by me from source," said the developer in the release announcement. "Only two Linux distributions in the whole wide world (besides ExLight) use Enlightenment 0.22 as desktop environment." Read more

Ubuntu 17.10 Users Get Major Kernel Update, 20 Security Vulnerabilities Patched

If you're using the latest Ubuntu 17.10 (Artful Aardvark) operating system on your personal computer, you should know that it received it's first major kernel update since the official release back in October 19, 2017. The update addresses a total of 20 security vulnerabilities for Ubuntu 17.10's Linux 4.13 kernel packages, including the Raspberry Pi 2 one. Among the security issues patched in this update, five are related to Linux kernel's USB subsystem, including a use-after-free vulnerability, which could allow a physically proximate attacker to crash the affected system by causing a denial of service (DoS attack) or possibly execute arbitrary code. Other three are related to the ALSA subsystem, including a race condition. Read more