borfast Posted September 10, 2005 Share Posted September 10, 2005 (edited) On September 6 a security vulnerability affecting all versions of Mozilla Firefox and the Mozilla Suite was reported to Mozilla by Tom Ferris and on September 8th was publicly disclosed. On September 9, the Mozilla team released a configuration change which, as a temporary measure to work around this problem, disables IDN in the browser. IDN functionality will be restored in a future product update. The fix is either a manual configuration change or a small download which will make this configuration change for the user. Instructions on administering these changes can be found below. Go here for instructions and downloads. PS - When I went to the page and read the instructions, they seemed familiar. I went to the about:config page and the option they mention is already set to false... wasn't this the solution for a previous problem, also related to IDN? Edited September 10, 2005 by borfast Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted September 10, 2005 Share Posted September 10, 2005 Thanks Raul I just upgraded to 1.0.6 yesterday and it was set to true Quote Link to comment Share on other sites More sharing options...
borfast Posted September 11, 2005 Author Share Posted September 11, 2005 Yep, I knew this had been brought up before -> http://www.mozillazine.org/talkback.html?article=6038 In that thread, they talk about the IDN vulnerability, as well as the solution mentioned in the page I linked to above. But now I wonder, why is this being brought up again if it had already been solved?... :| Quote Link to comment Share on other sites More sharing options...
TCH-Thomas Posted September 11, 2005 Share Posted September 11, 2005 Thanks for the info Raul. Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted September 11, 2005 Share Posted September 11, 2005 But now I wonder, why is this being brought up again if it had already been solved?... :| So people that didn't take the threat seriously before will do so now. Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted September 11, 2005 Share Posted September 11, 2005 It would appear when I upgraded it was turned back on. Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted September 11, 2005 Share Posted September 11, 2005 Maybe Mozillasoft didnt remember when making the upgrade and turned it back on by accident. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.