[indiana-discuss] Update policy of the /release repository
Guido Berhoerster
guido+opensolaris.org at berhoerster.name
Wed Dec 3 12:17:31 PST 2008
* Alan Coopersmith <Alan.Coopersmith at Sun.COM> [2008-12-03 20:22]:
> 2008.11 includes the latest community release of Firefox (3.0.4).
> What critical vulnerabilities need to be fixed in that release,
> that hasn't been critical enough for Mozilla to issue 3.0.5 yet?
Sorry, I had not noticed that it had been upgraded from 3.0.3 to
3.0.4 between RC1b and RC2.
> (I do see Thunderbird is one revision behind - 2.0.0.17 vs. 2.0.0.18,
> but the security fixes in that release are all rated "low" or
> "moderate" by Mozilla - none are "High" or "Critical".)
The four critical vulnerabilities fixed in Firefox 3.0.4
(http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.4)
all affect Thunderbird < 2.0.0.18 (three of them only if
Javascript is enabled).
But that wasn't my point, take it as a hypothetical question.
--
Guido Berhoerster
More information about the indiana-discuss
mailing list