Mozilla Security Hole

Tuesday April 30th, 2002

Anonymous reports: "Grey Magic is reporting a minor security hole in Mozilla builds from at least 0.9.2 up to the current trunk and 1.0 branch. A bug has been filed in bugzilla, and will be opened to the public to view once the fix has been made. This also affects Netscape browsers from at least 6.1 on. There are no known uses of the vulnerability at this time." We'll let you know when a patch has been checked in for this.

On a side note, Grey Magic recommends that users "should move to a better performing, less buggy browser," on their vulnerability page. Looking at the open issues for it, IE clearly doesn't seem like the better choice.

UPDATE! A fix has been checked into the trunk, and has been approved for checkin to the 1.0 branch. Expect it to be in nightly builds for both branch and trunk starting tomorrow.

#89 Netscape missed a big opportunity here

by johann_p

Thursday May 2nd, 2002 5:36 AM

You are replying to this message

IMO Netscape gave away a big oportunity to score as "the better browser provider" here: instead of embarrassing MS by reacting fast and with an openminded attitute to this, the impression is that Netscape tries to be even better in simply ignoring security issues. No announcement on the NS page, no patch or new version availeble, nothing. Instead, every paper with a tech column has the news here and most of them underline that a) the problem is still unresolved and b) NS people are unavailable to comment. Is this their marketing strategy to make people switch over from IE?