Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Firefox 2.0.0.2 released

Published: 2007-02-23
Last Updated: 2007-02-23 21:32:19 UTC
by Jim Clausing (Version: 3)
0 comment(s)
The Mozilla folks have released the long-awaited version 2.0.0.2 of Firefox.  The second link below shows that 7 security issues were fixed.  One rate critical.  Bugs fixed appear to include CVE-2007-1004, CVE-2007-0995, CVE-2007-0981, CVE-2007-0800, CVE-2007-0780, CVE-2007-0779, CVE-2007-0778, CVE-2007-0777, CVE-2007-0776, CVE-2007-0775, CVE-2007-0008, and CVE-2007-0009, among others.  This also fixed the issue with the password manager that was exploited late last year, CVE-2006-6077.  The bookmarklet vulnerability CVE-2007-1084 does NOT appear to have been addressed.

Release Notes: http://www.mozilla.com/en-US/firefox/2.0.0.2/releasenotes/
Security Issues: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.2

Update: As one of our readers pointed out, the Mozilla folks have also released Firefox 1.5.0.10 and SeaMonkey 1.0.8 and a number of the fixes mentioned above apply to these as well.

SeaMonkey security notes: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey1.0.8
FF-1.5.0.10 security notes: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.10
Keywords:
0 comment(s)
Diary Archives