Package: mozilla-firefox
Version: 1.0.4-2sarge
Severity: critical
Hi,
I'm using the very latest version of Debian, which is 3.1r2
(Sarge + all security updates). The IT people at work here are bugging
me because the version of firefox installed on my system contains
multiple vulnerabilities.
http://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox
I don't always agree with our IT people, but it seems to my
that Firefox 1.0.8 fixes quite a lot of remote vulnerabilities. I
usually don't care about local exploit, and I usually don't care much
about the security of package I rarely use, as I'm the only user of
that box, but remote vulnerabilities in my browser scare me. It seems
to me that nowadays the browser is one of the main vector of attacks.
In other words, if there is only one package on that box that
should be up to date, that should be Firefox.
I also wonder what will happen in the future. Firefox 1.0.X
seems to be discontinued by the Mozilla fundation. I hope it doesn't
mean that users of Stable will be left vulnerable. I hope you will
find a workable solution, such as putting Firefox 1.5 in stable.
http://developer.mozilla.org/devnews/index.php/2006/04/12/sunset-announcement-for-fxtb-10x-and-mozilla-suite-17x/
Thanks for the good work on the package, and thanks in advance
for keeping me safe while browsing.
Jean
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
