I had mentioned the other night on my Firefox 2.0 RC1 Update entry two bug (353264 & 353266) reports I could not access due to not having a high enough authorization level. Today in mozilla links » Firefox vulnerability disclosed at ToorCon 2006:
SecuriTeam has pointed to 3 reported bugs (currently closed to the public) in Mozilla’s Bugzilla database as the cause of the announced vulnerability.
Well, that would explain why I could not get into those two bug reports. Not sure about the third one though, it was not in Friday’s RC2 bug list. In a way I am glad Mozilla is taking the precaution of keeping these bugs ‘classified’ and yet letting us know there is an issue and they are correcting it. The good news is these vulnerabilities will be fixed with tonight’s nightly build, However, for those running the regular RC1 release the update will not be available until RC2 comes out, possibly on Friday.
Blogged with Flock