Firefox v.6.0.1 | Visible Procrastinations

Firefox v.6.0.1

Published September 1, 2011 firefox , patch , security Leave a Comment

Firefox v.6.0.1 was offered to release channel users on August 30th, 2011.

What’s New in Firefox 6 [3]
The latest version of Firefox has the following changes:
* Revoked the root certificate for DigiNotar due to fraudulent SSL certificate issuance (see bug 682927 and the security advisory)

Fixed in Firefox 6 [4]
MFSA 2011-34 Protection against fraudulent DigiNotar certificates

Vulnerability ratings: 1 High
Affects: Windows, OSX, Linux, Android …
Evaluation: Upgrade, but be aware of impacts;

One possibility is to remove the DigiNotar CA from the list of trusted CAs. The problem with this approach is that now legitimate certificates, signed by DigiNotar, will no longer validate. The last thing you want to do IMHO is to get users accustomed to bypassing these warnings. I am not sure how popular DigiNotar is, so maybe it is an option in this case.
Certificate revocation lists are supposed to solve this problem. But they are not always reliable. However, for high profile breaches like this one, expect a browser patch that adds the certificate to a blacklist. Apply the patch as it becomes available. — SANS [5]

LINKS:
[1] Firefox Updated: Firefox 6.0.1 (2011-Aug-30) [Mozilla]
[2] Firefox features [Mozilla]
[3] Mozilla Firefox 6.0.01 Release Notes (2011-Aug-30) [Mozilla]
[4] Security Advisories for Firefox [Mozilla]
[5] DigiNotar SSL Breach (2011-Aug-30) [SANS]

About these ads

0 Responses to “Firefox v.6.0.1”

Feed for this Entry Trackback Address

Leave a Comment

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

Categories

Twittering

RT @abcnews: Survey finds a quarter of Aussie kids aged between 8 and 12 use Facebook, despite the minimum age for a user being 13 http://t… 28 minutes ago
RT @wilw: alt.joffrey.baratheon.die.die.die 2 hours ago
RT @stephenfry: Wonder if @Yahoo will censor @tumblr 7 hours ago
RT @Flickr: A brighter #Flickr is here. A new design, a stunning Android app, and...drumroll...1 free terabyte of space for all: http://t.c… 7 hours ago
@ButteredFrog @lesvachesdutour Now up to 97 ;) #ButteredFrog100 19 hours ago
RT @theage: The data roaming rip-off: How can a megabyte of data be 1000 times more expensive when you're overseas? theage.com.au/business/intel… 22 hours ago
@sitdowninfront with TeeJay, Cadel and Andy doing so well, did you find a magic lamp? #3wishes ;) 1 day ago
@miketomalaris @SBS1 on TV @SBS2 on iPad 1 day ago
RT @crushtor: Khaleesi, what did I tell you about clubbing all night and popping E! You'll think you'll win Eurovision or something #sbseur… 1 day ago
Time for the Greek Ska - pass the alcohol #sbseurovision 1 day ago

Follow

Follow “Visible Procrastinations”

Powered by WordPress.com

%d bloggers like this: