SCIENTIFIC-LINUX-USERS Archives

June 2008

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Condense Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Sender:
Mailling list for Scientific Linux users worldwide <[log in to unmask]>
Date:
Thu, 19 Jun 2008 23:53:06 -0400
MIME-version:
1.0
Reply-To:
Jan Iven <[log in to unmask]>
Content-type:
text/plain; format=flowed; charset=ISO-8859-1
Subject:
Re: Scientific Linux "SL 5.2" Release Candidate 2 for i386 is now available for testing
From:
Jan Iven <[log in to unmask]>
In-Reply-To:
<[log in to unmask]>
Content-transfer-encoding:
7BIT
Comments:
To: Alex Kruchkoff <[log in to unmask]> cc: [log in to unmask]
Parts/Attachments:
text/plain (21 lines) 
On 19/06/08 22:23, Alex Kruchkoff wrote:
> There is a security vulnerability has been discovered in FF3, FF2:
> 
> http://dvlabs.tippingpoint.com/blog/2008/06/18/vulnerability-in-mozilla-firefox-30 
> 
> 
> Just wonder if firefox-1.5.0.12-15.el5_1.i386 is safe?

I would guess that right nobody (except the anonymous reporter, ZDI and 
Mozilla) can tell - no details are available. Since 1.5 is officially 
dead, Mozilla wouldn't care about that version anyway. Red Hat might 
(even if they have moved to 3 with the latest update), if 1.5 is still 
the official browser in the 5.1.z stream (don't know).. else they 
wouldn't care either. ut with the current rate of vulnerabilities in 
Firefox, I would guess that the next "public" vulnerability will come 
sooner rather than later, and that one will force everybody to go for 
latest T.U.V-release anyway..

regards
jan

ATOM RSS1 RSS2