On 19/06/08 22:23, Alex Kruchkoff wrote: > There is a security vulnerability has been discovered in FF3, FF2: > > http://dvlabs.tippingpoint.com/blog/2008/06/18/vulnerability-in-mozilla-firefox-30 > > > Just wonder if firefox-1.5.0.12-15.el5_1.i386 is safe? I would guess that right nobody (except the anonymous reporter, ZDI and Mozilla) can tell - no details are available. Since 1.5 is officially dead, Mozilla wouldn't care about that version anyway. Red Hat might (even if they have moved to 3 with the latest update), if 1.5 is still the official browser in the 5.1.z stream (don't know).. else they wouldn't care either. ut with the current rate of vulnerabilities in Firefox, I would guess that the next "public" vulnerability will come sooner rather than later, and that one will force everybody to go for latest T.U.V-release anyway.. regards jan