Mozilla Thunderbird 1.0.7 Has Been Released

    Date: 10/01/05 (Mozilla)    Keywords: security, linux

    On Thursday, September 29, mozillaZine officially announced that Mozilla Thunderbird 1.0.7 was available for download. Amongst other changes, this new release includes fixes for a return receipt regression introduced in version 1.0.2 (bug 289091) and the Linux command line URL parsing security flaw.

    According to mozillaZine, the Linux command line URL parsing security flaw "could allow an attacker to execute arbitrary commands on a victim's system. The bug exists in the Linux shell scripts that Firefox and the Mozilla Application Suite rely on to parse URLs supplied on the command line or by external programs. If the supplied URL contains any Linux commands enclosed in backticks, these will be executed before Firefox or the Mozilla Application Suite tries to open the URL. Variables such as $HOME will also be expanded." For more information regarding this security flaw, click here

    Thunderbird 1.0.7 can be downloaded from the Thunderbird Product Page

    Note: It is recommended that all Thunderbird users upgrade to this latest version at their earliest convenience.

    Source: http://www.livejournal.com/community/mozilla/324942.html

« Livejournal and Firefox... || Question »
Search  •  Site Map  •  Set as Homepage  •  Add to Favourites  • 
antivirus | apache | asp | blogging | browser | bugtracking | cms | crm | css | database | ebay | ecommerce | google | hosting | html | java | jsp | linux | microsoft | mysql | offshore | offshoring | oscommerce | php | postgresql | programming | rss | security | seo | shopping | software | spam | spyware | sql | technology | templates | tracker | virus | web | xml | yahoo | home