Firefox at 3.6.7 that has known security bugs, all the while 3 newer versions where released in 54 days.
Bram_Gro
Bram_Gro at lavabit.com
Mon Sep 20 12:30:37 UTC 2010
On 09/20/2010 01:34 PM, Ankur Sinha wrote:
> On Mon, 2010-09-20 at 13:19 +0200, Bram_Gro wrote:
>> We are stuck with Firefox at 3.6.7 that has known security bugs, all
>> the while 3 newer versions where released in 54 days.
>>
>>
>> v.3.6.10, released September 15th:
>>
>> Fixed a single stability issue affecting a limited number of users
>>
>> v.3.6.9, released September 7th, 2010
>>
>> MFSA 2010-63 Information leak via XMLHttpRequest statusText
>> MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document
>> allows XSS
>> MFSA 2010-61 UTF-7 XSS by overriding document charset using<object>
>> type attribute
>> MFSA 2010-59 SJOW creates scope chains ending in outer object
>> MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
>> MFSA 2010-57 Crash and remote code execution in normalizeDocument
>> MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
>> MFSA 2010-55 XUL tree removal crash and remote code execution
>> MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
>> MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
>> MFSA 2010-52 Windows XP DLL loading vulnerability
>> MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
>> MFSA 2010-50 Frameset integer overflow vulnerability
>> MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
>>
>> v.3.6.8, released July 23rd, 2010
>>
>> MFSA 2010-48 Dangling pointer crash regression from plugin parameter
>> array fix
>>
>>
>> This should be promptly corrected!
>>
>
> I can see a build in koji for it[1]. Please file a bug requesting the
> maintainer to submit the build as an update. For some reason, the build
> has not been submitted to testing.
>
> [1]
>> http://koji.fedoraproject.org/koji/packageinfo?packageID=37
>
I Get Error code: ssl_error_handshake_failure_alert when trying to
create a account and login at http://koji.fedoraproject.org/koji/login
to contact Xhorak, or for the general submittal of a update request.
More information about the users
mailing list