First Maintenance Update for Firefox 3
Mozilla has just released version 3.0.1 of the Firefox browser; the first maintenance update removes a couple of vulnerabilities and fixes a some minor bugs.
The Mozilla developers closed down three security holes, one of which only affected Mac OS X systems. All three are classified as critical by the Mozilla Security Advisories. Mozilla did not disclose whether the vulnerabilities were the ones revealed shortly after the final release of thenext generation browser.
The first bug affected the browser rendering engine's CSS functions. Potential attackers could use a rogue website to exploit the vulnerability and run arbitrary code. This assumed that JavaScript was enabled.
The second vulnerability allowed attackers to open web pages in tabs via the command line despite the fact that Firefox was not running. In combination with other vulnerabilities this would give attackers the ability to sniff data and run arbitrary code.
The third vulnerability (MFSA 2008-36) alone affects Apple computers. The browser would crash if a user opened manipulated gif type image files in Firefox 3; this in turn might allow attackers to run arbitrary code.
The bugfixes included an page printing error, and an error that caused the phishing and malware database to fail to update on first launch. There was also an error that affected the SSL certificate exception list and that has now been fixed. For more information on bugfixes check out the Release Notes. Just a few days ago, the Mozilla Foundation released updates for Firefox 2 and Seamonkey, which were affected by the some of same bugs.
Updates for various versions of Firefox and for Seamonkey are available from the Mozila Websites. Binary packages will be released for various distributions in the next few days. Red Hat has already published updates.
Issue 210/2018
Buy this issue as a PDF
News
-
Red Hat Enterprise Linux 7.5 Released
The latest release is focused on hybrid cloud.
-
Microsoft Releases a Linux-Based OS
The company is building a new IoT environment powered by Linux.
-
Solomon Hykes Leaves Docker
In a surprise move, Solomon Hykes, the creator of Docker has left the company.
-
Red Hat Celebrates 25th Anniversary with a New Code Portal
The company announces a GitHub page with links to source code for all its projects
-
Gnome 3.28 Released
The latest GNOME rolls out with better contact management and new features for handling virtual machines.
-
Install Firefox in a Snap on Linux
Mozilla has picked the Snap package system to deliver its application to Linux users.
-
OpenStack Queens Released
The new release comes with new features for mission critical workloads.
-
Kali Linux Comes to Windows
The Kali Linux developers even managed to run full blown XFCE desktop via WSL.
-
Ubuntu to Start Collecting Some Data with Ubuntu 18.04
It will be an ‘opt-out’ feature.
-
CNCF Illuminates Serverless Vision
The Cloud Native Computing Foundation announces a paper describing their model for a serverless ecosystem.