Mozilla Plans Fix For Critical Firefox Vulnerability In Next Release

← Back to Stories (view on slashdot.org)

Mozilla Plans Fix For Critical Firefox Vulnerability In Next Release

Posted by Soulskill on Saturday March 20, 2010 @04:05AM from the sooner-than-later dept.

Trailrunner7 writes "A month after an advisory was published detailing a new vulnerability in Firefox, Mozilla said it has received exploit code for the flaw and is planning to patch the weakness on March 30 in the next release of Firefox. Mozilla officials said Thursday that the vulnerability, which was disclosed February 18 by Secunia, is a critical flaw that could result in remote code execution on a vulnerable machine. The vulnerability is in version 3.6 of Firefox."

4 of 140 comments (clear)

Min score:

Reason:

Sort:

Re:What kept them? by bunratty · 2010-03-20 04:16 · Score: 3, Informative

Because the vulnerability was not disclosed to Mozilla at first.

--
What a fool believes, he sees, no wise man has the power to reason away.
Re:Planning? It's not enough! by maxume · 2010-03-20 04:40 · Score: 5, Informative

Are you being intentionally ridiculous?
The fix is in the latest beta release already, that binary is slated to be the release candidate, and if testing goes well, it will be the release.

--
Nerd rage is the funniest rage.
Re:Planning? It's not enough! by Athanasius · 2010-03-20 04:42 · Score: 4, Informative

As someone else already quoted:

Mozilla already has released a beta build of Firefox 3.6.2, which contains the fix for the unpatched vulnerability
You can already go and download that 3.6.2 beta if you want, I did.
The 'planning' is about the data of 3.6.2's release, not whether or not it will have this fix included.
Re:Updating... how to? by Bambi+Dee · 2010-03-20 08:20 · Score: 3, Informative

When I go to mozilla.com, a big green button offers me a .tar.bz2 with a distro-agnostic Firefox binary. Isn't that what you mean?