You are not logged in.
Well, it's happened again to Firefox. I hate to see this happen. Firefox is my favorite browser and I really like the work that they are doing - they are making a great browser. And though people complain at times, I appreciate the work they do in helping bringing it to Linux. However this is the second time it's happened (one time in 3.0.10(?)) and this is no "you may experience slow-downs on flash site" bug. This is an exploit that can allow a hacker free access to your system. I just read about it here:
http://www.linuxtoday.com/news_story.ph … 5-SC-CY-SW
for any that want to see it. 3.5.1 is out now and any that know how might want to use abs to update to the new version. I updated the pkgver to 3.5.1 and built/installed I'm pretty sure that should be enough.
Just wanted to give everyone a heads-up.
Last edited by Gen2ly (2009-07-18 08:15:43)
Setting Up a Scripting Environment | Proud donor to wikipedia - link
Offline
3.5.1 doesn't seem to be in [extra] or [testing]...?
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
for any that want to see it. 3.5.1 is out now and any that know how might want to use abs to update to the new version. I updated the pkgver to 3.5.1 and built/installed I'm pretty sure that should be enough.
just in case, if you're using ABS, make sure you rebuild xulrunner, not only firefox.
Offline
3.5.1 seems not to be there yet, http://releases.mozilla.org/pub/mozilla … .1/source/ says
Firefox 3.5.1 is coming soon!
Thanks for your interest in the upcoming release of Firefox 3.5.1, but there's still a bit more left to do before we're ready. We're asking for our users and fans to be patient and wait until it appears on the official Firefox website before downloading.
Offline
3.5.1 seems not to be there yet, http://releases.mozilla.org/pub/mozilla … .1/source/ says
Firefox 3.5.1 is coming soon!
Thanks for your interest in the upcoming release of Firefox 3.5.1, but there's still a bit more left to do before we're ready. We're asking for our users and fans to be patient and wait until it appears on the official Firefox website before downloading.
Offline
...I was talking about an Arch x86_64 package, not the source
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
Looks like it's there now
# pacman -Syu
:: Synchronizing package databases...
core is up to date
extra 377.0K 429.6K/s 00:00:01 [##############################################] 100%
community 370.0K 271.5K/s 00:00:01 [##############################################] 100%
:: Starting full system upgrade...
resolving dependencies...
looking for inter-conflicts...
Targets (15): brltty-4.0-1 xulrunner-1.9.1.1-1 firefox-3.5.1-1 lib32-glibc-2.10.1-3
lib32-e2fsprogs-1.41.8-1 lib32-gcc-libs-4.4.0-5 lib32-libgl-7.4.4-1 lib32-libjpeg-7-1
lib32-libxml2-2.7.3-2 lib32-libxt-1.0.6-1 lib32-mesa-7.4.4-1 recode-3.6-3 enca-1.9-4
libass-0.9.6-2 vlc-1.0.0-5
Total Download Size: 41.50 MB
Total Installed Size: 143.15 MB
Proceed with installation? [Y/n]
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
Bad news, there's a second vulnerability that affects firefox 3.5.1, too. No fix yet.
http://xforce.iss.net/xforce/xfdb/51729
I recommend NoScript as a workaround for both of these. Don't allow Javascript from any site you don't have to.
Offline
+1 for NoScript. Never heard of this before. It blocks javascript and only allows for sites you tell it to trust. Very nice! Also finally got rid of those rollover ads.
Setting Up a Scripting Environment | Proud donor to wikipedia - link
Offline