Mozilla Privacy Bug
Saturday September 14th, 2002
Yesterday, ZDNet UK News reported that Mozilla has a privacy flaw involving HTTP referers. The flaw can be exploited using the
The bug was filed in Bugzilla as bug 145579 on Sunday 19th May, with the more serious
UPDATE! Bug 145579 has now been made public.
ANOTHER UPDATE! A fix has been checked in to the trunk. A patch for the 1.0 branch will follow shortly.
YET ANOTHER UPDATE! A patch has now been checked in to the 1.0 branch.
#18 Re: Bad policy strikes again
Sunday September 15th, 2002 10:34 PM
You are replying to this message
A lot of it simply has to do with all of the spouting off that many of those within the inner recesses of the Mozilla circle have done over the past several years. Boasting and bragging about the security of Mozilla (an unfinished and hardly used product during the whole time) in concert with the bashing of vulnerabilities reported in IE: A product with extremely heavy usage that is close under the microscope by all sorts of individuals and groups (good and evil).
Between Mozilla 1.0 and Mozilla 1.0.1 there were 25 security holes discovered (by the mozilla community alone) and now this: An issue known now for quite some time.
So, in a way you can't blame them for being so hush hush. Most are relatively young and don't know any better. Of course, they'll try to come up with excuses and rationalizations like they always do (or try to I should say).
If I were them, I'd be feeling pretty embarassed and stupid, too, to say the very least.