Re: [Bug-gnuzilla] IceCat and security updates

bug-gnuzilla

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-gnuzilla] IceCat and security updates

From:	Mark H Weaver
Subject:	Re: [Bug-gnuzilla] IceCat and security updates
Date:	Sun, 05 May 2019 22:33:10 -0400
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux)

Mart Rootamm <address@hidden> writes:

> As and when Mozilla releases 60.6.2 or 60.7.0, there quickly needs to
> be a new build because of an upstream brouhaha involving the expiry of
> an intermediate signing certificate that disabled all extensions.
>
> To mitigate the issue, existing users can set
>
> xpinstall.signatures.required
>
> to false
>
> in about:config.

This mitigation sounds like a bad idea to me.  You could be leaving
yourself open to getting hacked by a man-in-the-middle.

      Mark

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-gnuzilla] IceCat and security updates, andret, 2019/05/01
- Re: [Bug-gnuzilla] IceCat and security updates, Mark H Weaver, 2019/05/03
  - Re: [Bug-gnuzilla] IceCat and security updates, Mike Gerwitz, 2019/05/03
    - Re: [Bug-gnuzilla] IceCat and security updates, Mart Rootamm, 2019/05/05
    - Re: [Bug-gnuzilla] IceCat and security updates, Mark H Weaver <=
    - Re: [Bug-gnuzilla] IceCat and security updates, Gary, 2019/05/06

Prev by Date: Re: [Bug-gnuzilla] IceCat and security updates
Next by Date: Re: [Bug-gnuzilla] IceCat and security updates
Previous by thread: Re: [Bug-gnuzilla] IceCat and security updates
Next by thread: Re: [Bug-gnuzilla] IceCat and security updates
Index(es):
- Date
- Thread