Re: Firefox Security Update: Fixed in Firefox 1.5.0.7

[Blue Boar <BlueBoar () thievco com>]

Jordan Wiens wrote:
> The signature forgery looks like fun.  Too bad the bug details in 
> bugzilla are protected still, I'm curious about their exact fix.  It's 
> not like the vulnerability isn't explained in detail in some of the 
> other links anyway.  Anybody know the official mozilla policy on secret 
> bugs?  I would have assumed they'd open up the bugs once the patched 
> version was released.

http://www.matasano.com/log/499/mozilla-falls-to-rsa-forgery-attack/

                                        BB
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.