View Single Post
  #1   (View Single Post)  
Old 19th May 2008
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default Mozilla Firefox 2.0.0.14 update..

Afternoon,

On the first of the month I back-ported mozilla-firefox-2.0.0.14 from -CURRENT.

This moning I discovered I still had the package in my home directory and thought it might be of use to some of the other forum members.

The following security vulnerabilities are fixed:
  • MFSA 2008-20 Crash in JavaScript garbage collector
  • MFSA 2008-19 XUL popup spoofing variant (cross-tab popups)
  • MFSA 2008-18 Java socket connection to any local port via LiveConnect
  • MFSA 2008-17 Privacy issue with SSL Client Authentication
  • MFSA 2008-16 HTTP Referrer spoofing with malformed URLs
  • MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13)
  • MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution

Download link:
Code:
http://www.mediafire.com/?dsnnlly9x4d
Code:
SHA256 (mozilla-firefox-2.0.0.14.tgz) = 6d7df95f407038a8c983b4dd4c5b9ba1abadf30f647d84aecd4dfc131d2af5d3
As similarly asked on jggimi's FAQ, http://jggimi.homeip.net/livecd/faq.html#trust
Q) "Can this non-official package be trusted?"
A) "Of course not. The Internet is a dangerous place."

Still, You have my word as an OpenBSD user, This package is not in any way tampered with.. I like being a member of this site, I wouldn't risk that.

Last edited by BSDfan666; 19th May 2008 at 04:22 PM.
Reply With Quote