Erik Funkenbusch <erik@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> On Sun, 01 Oct 2006 11:34:37 +0100, Roy Schestowitz wrote:
>>| "Mozilla can turn around on a dime," Levy said. "Open-source programmers
>>| can recognize a problem and patch it in days or weeks."
> Oh, that's such bullshit. Let's look at the security vulnerabilities in
> firefox that were patched with 126.96.36.199 on September 14th.
> According to the CVE:
> Heap-based buffer overflow in Mozilla Firefox before 188.8.131.52, Thunderbird
> before 184.108.40.206, and SeaMonkey before 1.0.5 allows remote attackers to cause
> a denial of service (crash) and possibly execute arbitrary code via a
Wow, that sounds pretty serious. And meaningful. To the zero linux
users around here that run firefox as root.