1 |
Am Mittwoch 25 Juli 2007 04:10 schrieb fire-eyes: |
2 |
> Stratos Psomadakis wrote: |
3 |
> > i just did an update,and firefox 2.0.0.5 has been added to the tree(~ |
4 |
> > masked)... |
5 |
> > but i just read a post at slashdot.org that says about a password |
6 |
> > vulnerability of 2.0.0.5... |
7 |
> > here's the link: http://it.slashdot.org/article.pl?sid=07/07/23/1450224 |
8 |
> > |
9 |
> > i just want to ask if it's ok to update to the new firefox,or if it's a |
10 |
> > serious sec problem?... :/ |
11 |
> > |
12 |
> > thx... |
13 |
> |
14 |
> It's okay to update, as far as I know it's 2.0.0.5 and before (aka |
15 |
> everything...). |
16 |
> |
17 |
> Your best bet is to not use the password saving features, install |
18 |
> noscript (important: WIPE OUT it's whitelist, then selectively add sites |
19 |
> you trust). |
20 |
|
21 |
There is an addon called "Secure Login". I think it solved the original |
22 |
problem by preventing Firefox from sending paaswords without the users |
23 |
agreement but I'm not sure if it really helps at all. |