Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Do the latest batch of Firefox CVEs apply towards Solaris 10 Firefox 10.0.12?

  • 4 답장
  • 1 이 문제를 만남
  • 11 보기
  • 최종 답변자: James

more options

Oracle representatives are pretty adamant that they have fixed all applicable CVEs for their compiled version of Firefox 10.0.12. However, Retina spits out Audit ID 31271 based on a version check. The CVEs say anything before Firefox 25 is affected. Can I get an official statement from Mozilla that states whether or not these CVEs affect Firefox 10.0.12 in any way? CVE-2013-5590 CVE-2013-5591 CVE-2013-5592 CVE-2013-5593 CVE-2013-5595 CVE-2013-5596 CVE-2013-5597 CVE-2013-5598 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5603 CVE-2013-5604

Oracle representatives are pretty adamant that they have fixed all applicable CVEs for their compiled version of Firefox 10.0.12. However, Retina spits out Audit ID 31271 based on a version check. The CVEs say anything before Firefox 25 is affected. Can I get an official statement from Mozilla that states whether or not these CVEs affect Firefox 10.0.12 in any way? CVE-2013-5590 CVE-2013-5591 CVE-2013-5592 CVE-2013-5593 CVE-2013-5595 CVE-2013-5596 CVE-2013-5597 CVE-2013-5598 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5603 CVE-2013-5604

모든 댓글 (4)

more options

Hello,

I see you're running an older version of Firefox and some plugins are out of date. Please try the following to get your system updated:

  1. Update Firefox to the latest release
  2. Go to the Mozilla Plugin Check site.
    • Once you're there, the site will check if all your plugins have the latest versions.
    • If you see plugins in the list that have a yellow Update button or a red Update now button, please update these immediately.

Please let us know if this helps!

more options

Firefox 10.0.12 is not secure.

more options

All, thank-you for your comments.

SMoziller, I think you have misunderstood the nature of my question. Plugins have nothing to do with the question.

Tylerdowner, I feel the same sentiment, but I need authoritative technical proof from Mozilla that states which CVEs apply so I can publicly inform the Oracle developers that they are doing a disservice to the Solaris community by not providing a secure browser. The statement has to have legal/technical weight.

Perhaps I need to change my question. How do I and what do I examine in the Firefox code built into Solaris to show that the vulnerabilities are still in the code? Is there a way to go through the binaries to find the bad code? What files should I look at and what tools should I use?

글쓴이 kioskUser 수정일시

more options

https://www.mozilla.org/security/known-vulnerabilities/ https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html

The old 10.0.12 ESR was released at same time as the less old 17.0.2 ESR version. So 10.0.12 ESR is missing out on security patches ever since 17.0.3 ESR and newer for example.