Mozilla Security Hole

Tuesday April 30th, 2002

Anonymous reports: "Grey Magic is reporting a minor security hole in Mozilla builds from at least 0.9.2 up to the current trunk and 1.0 branch. A bug has been filed in bugzilla, and will be opened to the public to view once the fix has been made. This also affects Netscape browsers from at least 6.1 on. There are no known uses of the vulnerability at this time." We'll let you know when a patch has been checked in for this.

On a side note, Grey Magic recommends that users "should move to a better performing, less buggy browser," on their vulnerability page. Looking at the open issues for it, IE clearly doesn't seem like the better choice.

UPDATE! A fix has been checked into the trunk, and has been approved for checkin to the 1.0 branch. Expect it to be in nightly builds for both branch and trunk starting tomorrow.

#63 Other browsers

by SubtleRebel <>

Wednesday May 1st, 2002 12:25 PM

You are replying to this message

>Is that because you could only think of one other?

Man, you are really reaching to come to that absurd conclusion.

No I am curious because I would like to know who you think is doing a better job than Mozilla. I could provide a long list of browsers for you to choose from, but what would be the point in that? I wanted to know which browser you were thinking of using; I was not trying to recite my knowledge of what browsers are available.

>btw, IE doesn't run on my OS, so I'm neither affected by nor >concerned with IE security bugs, nor with comparisons >between Mozilla's security record / procedures and MSs.

The only reason that I mentioned the IE factoid because I knew how long it took them to fix a similar problem. It was simply an example of how long it can take other companies to fix security problems. It was not meant to be an exhaustive list.

BTW, why did you still not say which browser you would use instead of Mozilla?