SCIENTIFIC-LINUX-USERS Archives

June 2008

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Scientific Linux "SL 5.2" Release Candidate 2 for i386 is now available for testing
From:
Jan Iven <[log in to unmask]>
Reply To:
Jan Iven <[log in to unmask]>
Date:
Thu, 19 Jun 2008 23:53:06 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (21 lines) 
On 19/06/08 22:23, Alex Kruchkoff wrote:
> There is a security vulnerability has been discovered in FF3, FF2:
> 
> http://dvlabs.tippingpoint.com/blog/2008/06/18/vulnerability-in-mozilla-firefox-30 
> 
> 
> Just wonder if firefox-1.5.0.12-15.el5_1.i386 is safe?

I would guess that right nobody (except the anonymous reporter, ZDI and 
Mozilla) can tell - no details are available. Since 1.5 is officially 
dead, Mozilla wouldn't care about that version anyway. Red Hat might 
(even if they have moved to 3 with the latest update), if 1.5 is still 
the official browser in the 5.1.z stream (don't know).. else they 
wouldn't care either. ut with the current rate of vulnerabilities in 
Firefox, I would guess that the next "public" vulnerability will come 
sooner rather than later, and that one will force everybody to go for 
latest T.U.V-release anyway..

regards
jan

ATOM RSS1 RSS2