Language Selection

English French German Italian Portuguese Spanish

Firefox's flaws fixed in upgrade

Filed under
Software

The Mozilla Foundation, maker of the open source web browser Firefox, has released a security patch to plug two critical security flaws in the browser.

The flaws were found last week by net security experts. Danish firm, Secunia, called them "extremely critical".

Mozilla has now recommended people upgrade to the latest version, Firefox 1.0.4, which is a security update.

Firefox is Microsoft Internet Explorer's (IE) main rival. IE has dominated the browser market.

But many have switched to Firefox because, so far, it has had fewer security flaws than IE and is more customizable.

Although the vulnerabilities, reported on Saturday, had been identified no cases had been reported of them being exploited.

Secunia said they were "extremely critical" because they could have let cookie and history information be used to get access to personal information or access previously visited sites.

The first flaw reported fooled the browser into thinking software was being installed by a legitimate, or safe, website.

The second happened was related to the software installation trigger which was not able to properly check icon web addresses which contain JavaScript code.

Potentially, a hacker could have taken advantage of the security flaws to secretly launch malicious code or programs.

Full Story.

More in Tux Machines

Discourse

Discourse is an open-source project, hosted at GitHub (see Resources), licensed under the GNU General Public License, version 2. It is backed by Atwood's company, which has the fantastic name of Civilized Discourse Construction Kit, Inc., and it aims to profit through installing and supporting Discourse. Read more

EXT4 In Linux 3.18 Has Clean-ups, Bug Fixes

With Linux 3.18-rc1 having came one week early, the EXT4 file-system pull request didn't end up landing until today. However, the EXT4 changes aren't overly exciting for the 3.18 merge window. The EXT4 changes for the Linux 3.18 kernel merge window come down to mostly just code clean-ups and bug fixes along with some minor journal optimizations. Read more

Free and Open Source Electronic Signature in Costa Rica

The LibreOffice component designed by the University of Costa Rica (UCR) is similar to similar software enhancements currently used for electronic signatures in other countries. Read more

Rejuvenate your Fedora desktop with Moka

Moka started as a single Linux desktop icon theme, but over time it has gradually evolved into an entire project & brand identity that provides quality designs to people. Moka is about personalization and its goal is to provide an assortment of style options to allow you to customize your experience. Read more