Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: Attack code for Firefox 16 privacy vulnerability. Downgrade to ver. 15?

  1. #1
    Join Date
    Oct 2011
    Beans
    23

    Firefox security vulnerability warning.

    I've just read this http://www.bbc.co.uk/news/technology-19909106

    Does that apply to Ubuntu too?

  2. #2
    Join Date
    Oct 2012
    Location
    Gitmo Nation Blue Crabs
    Beans
    42
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Re: Firefox security vulnerability warning.

    Quote Originally Posted by jgcsd View Post
    I've just read this http://www.bbc.co.uk/news/technology-19909106

    Does that apply to Ubuntu too?
    yes, and you can get the latest version here http://www.mozilla.org/en-US/firefox/new/
    Last edited by ALinuxWindowsBalance; October 11th, 2012 at 12:38 PM. Reason: too short

  3. #3
    Join Date
    Nov 2008
    Beans
    Hidden!

    Re: Firefox security vulnerability warning.


  4. #4
    Join Date
    Mar 2012
    Beans
    142

    Attack code for Firefox 16 privacy vulnerability. Downgrade to ver. 15?

    Hello, Firefox 16 released on 9 October has been removed from Mozilla servers due to a privacy leak. As we know, a couple days ago Ubuntu updated Firefox to 16.0+build1-0ubuntu0 due to multiple security issues. But, version 15 is unaffected. Should we downgrade Firefox from 16 to 15 e.g. with Synatpic (Package -> Force version)? If so, in my case I could not do that, because Synaptic offers me only one version: 11. Except, of course, 16. So, what we should to do?

    Upstream details: https://rhn.redhat.com/errata/RHSA-2012-1350.html

  5. #5
    Join Date
    Jun 2009
    Location
    0:0:0:0:0:0:0:1
    Beans
    4,143
    Distro
    Xubuntu 13.04 Raring Ringtail

    Re: Attack code for Firefox 16 privacy vulnerability. Downgrade to ver. 15?

    https://launchpad.net/~ubuntu-mozill...s_filter=lucid
    there is a ppa for mozilla

    also 16.0.1 is in the repos, at least for 12.10 (edit this line was referring to the default repos)
    Last edited by pqwoerituytrueiwoq; October 11th, 2012 at 10:27 PM. Reason: added what is in parentesis
    Laptop: ASUS A54C-NB91 (Storage: WD3200BEKT + MKNSSDCR60GB-DX); Desktop: Custom Build - Images included; rPi Server
    Putting your Networked Printer's scanner software to shame PHP Scanner Server
    I frequently edit my post when I have the last post

  6. #6
    Join Date
    Oct 2012
    Location
    Gitmo Nation Blue Crabs
    Beans
    42
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Re: Attack code for Firefox 16 privacy vulnerability. Downgrade to ver. 15?

    Quote Originally Posted by kleenex View Post
    Hello, Firefox 16 released on 9 October has been removed from Mozilla servers due to a privacy leak. As we know, a couple days ago Ubuntu updated Firefox to 16.0+build1-0ubuntu0 due to multiple security issues. But, version 15 is unaffected. Should we downgrade Firefox from 16 to 15 e.g. with Synatpic (Package -> Force version)? If so, in my case I could not do that, because Synaptic offers me only one version: 11. Except, of course, 16. So, what we should to do?

    Upstream details: https://rhn.redhat.com/errata/RHSA-2012-1350.html
    My suggestion is to use Chromium or Konqueror until Mozilla can fix Firefox.

  7. #7
    Join Date
    Mar 2012
    Beans
    142

    Re: Attack code for Firefox 16 privacy vulnerability. Downgrade to ver. 15?

    Hi pqwoerituytrueiwoq. Are you suggesting, that 16.0.1 version fixes this security issues?[1] But wait a minute! I saw something interesting: You can update your system with unsupported packages from this untrusted PPA. :- ) If I decide to add this PPA to the sources.list file and update Firefox with apt-get update/upgrade commands, Firefox will be upgrade normally in the future? I mean system update-manager and official Ubuntu updates from http://www.ubuntu.com/usn/

    ALinuxWindowsBalance; thanks, but Chromium seems to me very suspicious if it is about things like e.g. users privacy etc. Of course it is only my opinion! Nothing more, nothing less.

    [1] Yes, see LP bug #1065285
    Last edited by kleenex; October 11th, 2012 at 09:39 PM.

  8. #8
    Join Date
    Oct 2012
    Location
    Gitmo Nation Blue Crabs
    Beans
    42
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Re: Attack code for Firefox 16 privacy vulnerability. Downgrade to ver. 15?

    Quote Originally Posted by kleenex View Post
    Hi ALinuxWindowsBalance; thanks, but Chromium seems to me very suspicious if it is about things like e.g. users privacy etc. Of course it is only my opinion! Nothing more, nothing less.

    pqwoerituytrueiwoq
    . Are you suggesting, that 16.0.1 version fixes this security issues? But wait a minute! I saw something interesting: You can update your system with unsupported packages from this untrusted PPA. :- )
    Unfortunately I don't trust the Googs. Because most people use it and say 'oooh, a google browser'
    I thought you would use it. But, that's a stereotype. But Konqueror is pretty good, you can also use it instead of Nautilus, the file manager.

  9. #9
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Attack code for Firefox 16 privacy vulnerability. Downgrade to ver. 15?

    Quote Originally Posted by kleenex View Post
    Hi pqwoerituytrueiwoq. Are you suggesting, that 16.0.1 version fixes this security issues?[1] But wait a minute! I saw something interesting: You can update your system with unsupported packages from this untrusted PPA. :- ) If I decide to add this PPA to the sources.list file and update Firefox with apt-get update/upgrade commands, Firefox will be upgrade normally in the future? I mean system update-manager and official Ubuntu updates from http://www.ubuntu.com/usn/ . As You can see there is not any entries about Firefox 16 and latest privacy vulnerability, so?
    That is the testing PPA. I would recommend sticking with the regular repos or rolling back to FF 15 until a new release is officially announced.

    For what is is worth, I checked my precise box, that I have set to install security updates automagically, and it says this:

    Code:
    firefox --version
    Mozilla Firefox 16.0
    As it stands now, I don't know of a way to actually go back to firefox 15, outside of downloading the deb and installing it, but you would probably be better off just installing that version from the firefox website as a tar.gz.

    EDIT: Mozilla is hosting 16.0.1 on their site: http://www.mozilla.org/en-US/firefox/new/

    It doesn't look to be in the official repos yet, so you can just install it from there if you so desire, then upgrade to 16.0.1 when it hits the Ubuntu repos.
    Last edited by CharlesA; October 11th, 2012 at 09:21 PM.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  10. #10
    Join Date
    Apr 2005
    Location
    EU - UK
    Beans
    3,324
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Attack code for Firefox 16 privacy vulnerability. Downgrade to ver. 15?

    Firefox 16.0.1 just hit the repos.

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •