Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
Advanced search tips 
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

Critical Firefox & Thunderbird vulnerabilities

June 12, 2006

Critical vulnerabilities have recently been found in the following software:

  • Firefox web browser  
  • Thunderbird e-mail client   
  • Mozilla SeaMonkey "application suite" (not widely used within SCS)

On Windows, Macintosh, or non-Facilitized Unix hosts, anyone running these software packages should upgrade to the latest versions, which are:

  • Firefox  (See note below if you're running Firefox 1.0.x)  
  • Thunderbird  
  • Mozilla SeaMonkey 1.0.2

    Note: Firefox 1.0.x users should upgrade to since version 1.0.8     is the last released version of the 1.0.x line and no further versions     or security upgrades will be released for 1.0.x.

    For Facilitized Unix hosts, one can upgrade to the latest Firefox and and Thunderbird by putting the following lines in the file /usr/local/depot/depot.pref.local:

    collection.release 1.5x firefox

    collection.release 1.5x thndrbird

    removing any previous local subscriptions to Firefox and then running /usr/local/bin/dosupdepot. SeaMonkey is not installed or supported by SCS Facilities.

    Please contact the SCS Help Desk at x8-4231 or send mail to with any questions or concerns.

    Thank you for your attention,

    SCS Help Desk