Firefox 1.03?

nocturn ulist at gs1.ubuntuforums.org
Tue Apr 26 07:29:24 UTC 2005 

Daniel Robitaille Wrote: 
> On Sun, 2005-24-04 at 11:42 -0700, Shawn Christopher wrote:

> 

> >     Thanks for the clarification...however I think the big issue now
> is 

> > the fact of informing the community that this is happening. Is there
> a 

> > way to post on the front page of the Ubuntu site or put a news
> heading 

> > that this is happening. Just a basic "A few users have noticed that 

> > Firefox is at 1.0.3 because of security updates, however Ubuntu has 

> > Firefox 1.0.2. The reason this is the case is because instead of 

> > changing our versioning number we have backported the security update
> 

> > from 1.0.3 into Ubuntu Firefox 1.0.2.

> > 

> >     I hope this will help aliveiate the concerns that are being 

> > expressed by the community. Thank You.

> 

> Well, if I was in charge, I think security should be a bit more front

> and centre on the web page.  What I would do would be to add one

> "Security" tab on the main Ubuntu web page, somewhere between

> "Community" and "Support".  

> 

> From that new tab, I would point to a nice user friendly page which

> would serve as a summary of various security-related information and

> links.  I spent a few minutes tonight creating a wiki page, sort of a

> first draft, of things that could possibly go on that possible
> security

> page:

> http://www.ubuntulinux.org/wiki/UbuntuSecurity

> 

> 

> 

> Then your notice about Firefox 1.0.3 vs Hoary's 1.0.2 could go on that

> security page as a note.  I would probably add a few more external
> links

> in there, maybe some Linux security pages/tutorials, links to CERT and

> their various mailing lists; that sort of thing.

> 

> 

> 

> -- 

> Daniel Robitaille

> GPG: http://robitaille.fastmail.fm/pubkey.asc (0x5C19F466)

> IM Jabber: robitaille at jabber.org

> 

> -- 

> ubuntu-users mailing list

> ubuntu-users at lists.ubuntu.com

> http://lists.ubuntu.com/mailman/listinfo/ubuntu-users

> 

> -----BEGIN PGP SIGNATURE-----

> Version: GnuPG v1.2.5 (GNU/Linux)

> 

> iD8DBQBCbIRCCHzpd1wZ9GYRAij7AKC/8o7FT21qnyQg/9S/rNAuOX8GBgCfewbF

> o/lP3gW9GRq3oKHKBhw2v88=

> =7pgb

> -----END PGP SIGNATURE-----



The problem now is that the javascript vuln is very, very serious and
both Warty and Hoary are hit by it (tested it today).  Actually, Warty
is vuln. to a whole lot more.


-- 
nocturn

More information about the ubuntu-users mailing list