Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
 Documentation
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

Security Vulnerability: Mozilla Firefox

Security Vulnerability: Mozilla Firefox

As some of you may know, Mozilla Firefox web browser users may be vulnerable to exploits allowing unauthorized users control of the computer or access to sensitive data from recently visited web sites.

Computing Facilities staff is currently in contact with Red Hat to determine if they will be releasing an update for the 1.0x version of Firefox for the Fedora Core 3 (FC3) architecture. Until then Facilities has made available Firefox version 1.5.0.2 for users who do not wish to wait.

To switch to Firefox 1.5.0.2 on your Linux machine

As the root user execute the following:

cat >> /usr/local/depot/depot.pref.local << EOF

# Access Firefox 1.5.0.2 security update 
collection.release 1.5.0.2 firefox

EOF

Then run the following command

   /usr/local/bin/dosupdepot

NOTE: This release is a 32-bit version. If you have a 64-bit machine and have installed your own 64-bit plug-ins they will not work with this version.

For Red Hat 9.0 users, it is unlikely there will be a patch for 1.0x and you are encouraged to move to 1.5.0.2.

For Windows and Mac users, you can update your systems from: http://www.mozilla.com/firefox/releases/1.5.0.2.html#downloadandinstall

For more information about the vulnerabilities you can go to:http://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox

If you have any questions or concerns regarding these patches, please contact the SCS Help Desk, x8-4231 or send mail to help+@cs.cmu.edu.

Thank you for your attention,

SCS Help Desk