lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <40E5FD54.4070400@cruzio.com> From: dveditz at cruzio.com (Daniel Veditz) Subject: SUPER SPOOF DELUXE Re: Microsoft and Security http-equiv@...ite.com wrote: > 2. If as you claim this is "standard practice" then there is > something wrong with these browsers as it apparently does not > work on them: > > The following browsers are not affected: > * Mozilla Firefox 0.9 for Windows > * Mozilla Firefox 0.9.1 for Windows > * Mozilla 1.7 for Windows > * Mozilla 1.7 for Linux > > http://secunia.com/advisories/11978/ > > Perhaps someone who really knows will enlighten us all. This was originally fixed in late 2001 (Mozilla 0.9.2?) but regressed during some code reorganization about 6 months later; Mozilla 1.0 shipped broken. This was recently rediscovered and fixed for Mozilla 1.7 and Mozilla Firefox 0.9 (http://bugzilla.mozilla.org/show_bug.cgi?id=246448). -Dan Veditz