1 |
In <news:46A70555.3020502@×××××.com>, |
2 |
"b.n." <brullonulla@×××××.com> wrote: |
3 |
|
4 |
>fire-eyes ha scritto: |
5 |
>>> i just want to ask if it's ok to update to the new firefox,or if |
6 |
>>> it's a serious sec problem?... :/ |
7 |
>>> |
8 |
>>> thx... |
9 |
>> |
10 |
>> It's okay to update, as far as I know it's 2.0.0.5 and before (aka |
11 |
>> everything...). |
12 |
>> |
13 |
>> Your best bet is to not use the password saving features, install |
14 |
>> noscript (important: WIPE OUT it's whitelist, then selectively add |
15 |
>> sites you trust). |
16 |
|
17 |
At least not use the password manager for sites that essentially let |
18 |
users host pages on them, e.g. social networking sites. |
19 |
|
20 |
>Has the bug been fixed upstream? |
21 |
|
22 |
I don't know -- they restrict access to security-sensitive bug entries |
23 |
until after an official release with a patch has been put out. It's |
24 |
possible they won't fix this one at all; see the third and fourth |
25 |
paragraphs at <http://www.heise-security.co.uk/news/93018>, and chase |
26 |
links if you're really interested. |
27 |
|
28 |
-- |
29 |
»Q« |
30 |
|
31 |
-- |
32 |
gentoo-user@g.o mailing list |