Default browser in Fedora KDE Plasma
Reindl Harald
h.reindl at thelounge.net
Mon Aug 10 13:49:58 UTC 2015
Am 10.08.2015 um 15:13 schrieb Kevin Kofler:
> Reindl Harald wrote:
>> but that don't change the fact bringing a zero-day exploit for Firefox
>> as reason not to make it the default browser is bullshit in context of
>> security
>
> I also have to point out that this particular exploit only exists because
> Firefox reinvents the PDF reader wheel (shipping a PDF reader in JavaScript
> (!)) instead of reusing Okular as Konqueror does. The Firefox PDF
> implementation does not even use the poppler library, it's a completely Not
> Invented Here solution
so what - that makes your from a security experts point of view insane
"Konqueror is more safe because nobody targets it for attacks" and "hey
there was a security hole" not better
i revert your "does not even use the poppler library" easily with
- Add poppler-0.15.0-CVE-2010-3702.patch
- Add poppler-0.15.0-CVE-2010-3703.patch
- Add poppler-0.15.0-CVE-2010-3704.patch
- CVE-2009-3607 poppler: create_surface_from_thumbnail_data
and say "hmm Konqueror and Okular where vulnerable while Firefox was
likely not at that moment" just to show that your whole security
argumentation is pointless
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/kde/attachments/20150810/0fea7ba5/attachment.sig>
More information about the kde
mailing list