Thursday, March 7, 2013

Chemspills for 17.0.4 and 19.0.x imminent

Batten down the hatches: those clever little sneaks at Pwn2Own broke open just about everything this year. Java got pwned twice (no surprise given our previous postings on the subject), and Firefox and Internet Explorer 10 fell too, as did Chrome through a very sophisticated attack that leveraged another bug in Windows to not only escape the Chrome sandbox but escalate privileges along the way. Eeek!

The flaw exploited in Firefox does affect TenFourFox and we will be issuing chemspills over the weekend for both stable and unstable branches to patch it. All major issues with 20 have been fixed; next is to issue fixes for some JavaScript conformance testing failures, some of which affect 17. These may or may not make it into the chemspill depending on how long it takes.

1 comment:

  1. TFF 19.0.2 - G5 - show the name as (null) in activity monitor on 10.5.8 PPC. Thx


Due to an increased frequency of spam, comments are now subject to moderation.