[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [opensuse-security] Firefox exploit found in the wild-Mozilla Foundation Security Advisory 2015-78
On Friday, August 14, 2015 04:30:11 PM Peter Keller wrote:
> Dear Rick, Marcus,
> On Thursday 2015-08-13 17:35, Rick Chung wrote:
> > On Thursday, August 13, 2015 11:04:08 AM Marcus Meissner wrote:
> >> Hi,
> >> Our original plan was to fold wait for Firefox 40. This is also
> >> the version currently in the QA queue for openSUSE.
> >> I hope we can release it today.
> >> Ciao, Marcus
> > Thank you Marcus for this update.
> I hope that I didn't sound too abrupt or demanding: I really appreciate the
> great job that you all do with openSUSE.
No, not at all. :-)
So far, yesterday, I watched the only patch released was for SUSE systems.
Today, Firefox 40 have been available for openSUSE 13.2
I hope this fix will be available for openSUSE 13.1 over the next hours. :-S
> > In the meantime, I tweaked a few Firefox features and switched to "Always
> > Ask" for PDF preview on Application Preferences.
> I can of course do this: my concern is for other users that I support who
> don't know that this vulnerability exists, and even if they knew wouldn't
> understand how it could affect them or what to do about it. (Yes, there are
> Linux desktop users like that out there :-)
Completely agreed. I have those users too. :-(
Even worst, some of those users use to blame sysadmins because they expect
sysadmins will protect them from their own faults. :-@
Let's change sysadmin title to "User's Conscious Soul" :-D
> From long experience, I know that system administration must be done at the
> system level. Any sysadmin strategy that relies on getting the users to do
> something is a broken strategy. In this case, the only realistic fix that
> can be rolled out to non-technical users is to update Firefox to a version
> that is patched for this vulnerability.
Completely agreed. I would not minimize your - our concerns. It is genuine and
critical. This vulnerability needed an urgent fix that I trust is coming quite
soon because Marcus (who use to know the operational process) already
mentioned was ready to be release.
Have a Nice Weekend!!
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx