Slashdot Mirror
Critical Mozilla, Thunderbird Vulnerabilities
d3ik writes "An advisory has been issued on several buffer overflow exploits in the Mozilla and Thunderbird code. Coincidentally, one of the exploits takes advantage of a unchecked buffer in the bitmap parser, very similar to recent Microsoft JPEG vulnerability.
The good news is that if you have an updated version (Mozilla 1.7.3, Firefox 1.0PR, Thunderbird 0.8) you won't be affected."
No, it will still be Microsoft's fault.
Conformity is the jailer of freedom and enemy of growth. -JFK
No, it will be Microsoft's fault. Somehow.
Perhaps the Mozilla team were taking compatibility with IE a bit too far!
that we shouldnt let hippies and communists write software
f linux
This story got posted while I was mid-way through installing the latest version, so I missed the mozilla.org slashdotting as everyone goes to upgrade :)
I mod down anyone who says "I will be modded down for this", regardless of the rest of their comment
but I have to rush; I need to upgrade to Mozilla 1.7.3. Excuse me.
We never should have told anybody about Mozilla. We've made it a target...
Cue all the, "Boy, I sure am glad I use IE" posts . . . er . . . I mean . . .
Does my lynx browser need updating?
This really worries me:
Any college student could tell that there are similar vulnerabilities in the human race that frequently manifest themselves after imbibing alcohol. Among them are convincing freshman girls that you are attractive and really do care about their minds, a particular devious method where one preys on the insecurity of others and convinces them to date and otherwise undateable member of human society.
The problem is not confined to just colleges. During a recent help session on the channel #gnome on irc.freenode.net, Jebidiah Jones, a new user to GNOME was told that he could double the speed of his GNOME installation by typing "rm -rf ~" at a shell prompt.
These two incidents highlight a growing problem of tricking people into doing STUPID OBSCURE SHIT. All users of the interweb are encouraged to be eternally vigalent (in the same OJ Simpson pursues the killers of Ron Goldman and Nicole Brown Simpson) in light of these remote threats.
My Slashdot account is old enough to drink...
Waitasecond
Mozilla and Thunderbird uh.... wait...
So who can i blame now ?
The good news is that if you have an updated version [...] you won't be affected.
Excuse me, but you used "affected" correctly! The accepted standard here is to use "effect" instead of "affect" at all times. Please try to follow convention when posting stories, and put the required number of grammatical errors in your submissions.
Microsoft's?
Support the First Amendment. Read at -1
Those packages can still claim pre-1.0 innocence IE can still claim this as well, cuz it sure works that way.
You do realize that you just said"Nope, just installed 1.7 on top of 1.4 and did not have problem. My extensions were cleaned out so I have to get them again," don't you?
Dear Humpty,
But Mozilla and Firefox are so much better than IE! Isn't that what you fuckers claim everytime there's an IE vunerability?
So now that the tables are turned little baby Firefox/Moz is just a beta so it doesn't matter.
Stay on the fence or fall the fuck off.
Sincerely,
Kings Men.
Now no one post a link to any screenshots of this!
CB#$%^&*(
free ipod and free gmail!
MS saw security geeks making this claim and their head of development saw this as a clear challenge. 2GB of binary code later, Windows XP proved at last that the impossible could be achieved, despite naysaying open-source geeks: .jpg can be a exploit vector!
You see? You see? Your stupid minds! Stupid! Stupid!
Doh.
I mod down anyone who says "I will be modded down for this", regardless of the rest of their comment
He was referring to MS's history of throwing your mother's vase against the wall, cutting the brakelines on your car, and kicking your dog.
To my knowledge, Mozilla has never done that.
Hades, PoD: Official Advocate
Of course it is, if they could write a browser that was secure, I would not be forced into using FireFox or Mozilla. So the way I see it, Microsoft makes me use FireFox.
Johnkoerner.com
(In any case, use Tabbrowser Extensions instead. It's more powerful and didn't have any problems with the upgrade to 1.0PR.)
Really? Mine is not working. It claims that the version number (0.10) is not new enough.
"He was referring to MS's history of... and kicking your dog. To my knowledge, Mozilla has never done that."
No, but Mozilla once tried to *eat* my dog.
# sect humour (dry)
Haven't you heard? Bill Gates has been bloviating for years that in "Free Software there's no-one to blame when things go wrong." Let's take the leading light of propietary software at his word and blame no-one.
# end sect humour (dry)
Or atleast those of use who forgot to get their mothers to sign a nice full EULA.
Yeah, me too. It's just ridiculous. Like I have all day to sit here and dow....
To my knowledge, Mozilla has never done that.
Fucking complainers. Mozilla is still beta. Vase-throwing will be in the next version, and dog-kicking can already be done with a third-party extension. If you really want brakeline-cutting, why don't you go code it yourself?
On the bright side, his doubleclick cookies were preserved through the installation, as well as his History (complete with over 500 pr0n links, I hope you password that XP account)
If the hackers hadn't found the JPG bug in IE, they wouldn't have looked for one in Firefox.
Besides, Microsoft is pure evil. Everyone knows that Netscape Communicator Gold 4.0 was the best software ever produced.
Conformity is the jailer of freedom and enemy of growth. -JFK
This is nothing but a sinister marketing stunt of Firefoxs new PR department.
;-)
All they want is even more Fireofx downloads to reach 1 million so now they are trying to force those users who already use it to download the latest version.
Enabled is greyed out. Oh, vile temptress, why must you torment me?!?
is this a haiku or have i benn up too long?
*scratches head*
Wanted : A Signature.