lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 1 Mar 2005 09:50:59 +1000
From: Beau Henderson <silentbob@...il.com>
To: bugtraq@...urityfocus.com
Subject: Re: Firefox Software Update


I've only had skin / addons updated via that method. I don't think its
meant to actually update firefox between releases, though I have seen
minor firefox updates in the 0.9.3 days if im not mistaken. Perhaps
its just not ripe enough to go primetime ? Either way, I think its
still suggested to uninstall firefox before installing any new
version. It would be nice if there was some official notice that
version upgrades are not supported through the firefox update option
especially for those less than comfortable with a computer. We don't
want those people switching back to .. whats it called now do we.

Anyways, im not sure this will get much attention here from the FF devs.


On Sun, 27 Feb 2005 20:29:36 +1100, Kai Howells <kai@...ketcat.info> wrote:
> It appears that there is a problem with the Firefox Software Update, at
> least in Firefox 1.0 on Windows and Mac OS X.
> 
> In Preferences -> Advanced -> Software Update there are checkboxes to
> Periodically check for updates to Firefox and My Extensions. It doesn't
> appear that this feature works at all. I've not been notified via this
> method that Firefox 1.0.1 has been released, even manually hitting the
> Check Now button (that takes a minute or so to do it's thing over a
> cable internet connection) happily reports back to me that there are no
> available updates.
> 
> Now, there are a couple of bugs, listed as critical in bugzilla, that
> confirm that I'm not alone with these problems, however they don't
> appear to be assigned to anyone at this stage. I believe that this
> issue deserves more attention than it's currently getting as security
> is one of the stated design goals of the project and with no working
> auto-update feature we're potentially being put in a worse position
> than with other vendor's alternatives that at least have monthly
> updates.
> 
> Regards,
> Kai Howells
> 
> 


-- 
Beau Henderson
http://www.iminteractive.net

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ