Mozilla Privacy Bug
Saturday September 14th, 2002
Yesterday, ZDNet UK News reported that Mozilla has a privacy flaw involving HTTP referers. The flaw can be exploited using the
The bug was filed in Bugzilla as bug 145579 on Sunday 19th May, with the more serious
UPDATE! Bug 145579 has now been made public.
ANOTHER UPDATE! A fix has been checked in to the trunk. A patch for the 1.0 branch will follow shortly.
YET ANOTHER UPDATE! A patch has now been checked in to the 1.0 branch.
#41 Re: Re: Re: Bad policy strikes again
Tuesday September 17th, 2002 6:55 AM
You are replying to this message
I doubt this is what Asa is saying. What he means, and what I would have replied to the same arguments, is more like "try having such a project and still fix things in a timely manner, while exposing your security problems to the public". Exposing security bugs to the public right away isn't the right solution when a fix isn't provided at the same time. Now if Joe-commenter who doesn't work on such a project wants to start a project and see the conseqencies of making your security bugs public, he can try and see how it feels.