beartooth wrote:
On Fri, 20 Jan 2006 11:19:59 +0000, Paul Howarth wrote:
Beartooth wrote:
On Thu, 19 Jan 2006 18:37:44 +0000, Paul Howarth wrote:
Beartooth wrote:
Gee, and I'd've sworn I saw some ballyhoo weeks and weeks ago to the effect that 1.5 was a big security fix. Worse, I *thought* what I read said it wasn't for once just another MS problem, but something *in* Firefox. Maybe I better go on avoiding it a while yet. What I have is 1.0.7. Thanks!
[....]
If there is a real security issue with firefox 1.0.x (I don't know if there is or not), I'd expect an FC4 update that either:
(a) updated to a later version that fixed the problem, or (b) included a backported fix in the existing version
The choice between the two largely depends on what the impact of a significant version upgrade would be on users/other applications that depend on the package. If there are significant plugin incompatibilities between firefox 1.0.x and 1.5.x then I'd expect the second option to be chosen if possible.
I've since gotten a CERT alert, available at
Are you sure you have the correct link? That link is for vulnerbilities that existed in the Pre-1.0 Firefox. They are definitely fixed in 1.0.7.