View Full Version : Since this security bug
jobbesat
October 22nd, 2007, 05:56 PM
on firefox:
http://secunia.com/advisories/27311/
when we will have on repository the firefox version 2.0.0.8
Probably inappropriate section to post to, sorry in advance
shad0w_walker
October 22nd, 2007, 06:00 PM
I didn't spot anything mentioning the vulnerability on Linux. I know that the hole would still be there but i believe from the note that it maybe a bug that was only useful on Windows.
NOTE: Additional fixes have been added to prevent the exploitation of a URI handling vulnerability in Microsoft Windows.
If I am wrong then we should see the update fairly quickly.
x0as
October 22nd, 2007, 06:06 PM
I didn't spot anything mentioning the vulnerability on Linux. I know that the hole would still be there but i believe from the note that it maybe a bug that was only useful on Windows.
NOTE: Additional fixes have been added to prevent the exploitation of a URI handling vulnerability in Microsoft Windows.
If I am wrong then we should see the update fairly quickly.
6) An error exists in the handling of "smb:" and "sftp:" URI schemes on Linux systems with gnome-vfs support. This can be exploited to read any file owned by the target user via a specially crafted page on the same server.
This is why I dont bother using the version in the repository.
John.Michael.Kane
October 22nd, 2007, 06:18 PM
This was talked about here http://ubuntuforums.org/showthread.php?t=582702&highlight=firefox
Bug report is here https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/154393
shad0w_walker
October 22nd, 2007, 06:50 PM
Whoops, guess i missed that bit about the Linux vulnerability. That's what i get for quickly reading through things i guess.
Powered by vBulletin® Version 4.2.2 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.