[DLSLUG-Discuss] FW: US-CERT Technical Cyber Security Alert TA06-208A -- Mozilla Products Contain Multiple Vulnerabilities

Python e-mail addresses are not shown in archives
Sat Jul 29 17:49:26 EDT 2006 

On Sat, 2006-07-29 at 11:44 -0700, Roger wrote:
>  
> Hi everyone,
> I got the NoScript plugin to work.
> I also got Yumex to work on one of my FC4 partitions. Yumex says that
> I have an update available for Firefox. 
> I'll try to download it when I get home, but I have dial-up so it may
> take a little while. lol...
> I also wonder...
> If I were supporting a local network of FC/RedHat machines, could I
> use Yumex to update a local server and have all the local workstations
> point to that server? 

YES, but I have not done so because I do not have multiple computers
sharing the same release.

http://fedoranews.org/alex/tutorial/yum/

Here's a tutorial from April, 2005 that describes the process.  That's
new enough to be useful, but old enough to be slightly different than
current practice.

> I believe that Symantec supports that method for anti-virus updates
> for some enterprise high-end commercial versions.
> Would an enterprise edition of RedHat support that kind of technology
> and methodology?
> -Roger
> 
>  
> 
> Ted Roche <[e-mail addresses are not shown in archives]> wrote:
>         On Jul 28, 2006, at 7:22 PM, Roger wrote:
>         
>         Yes. On some platforms, FireFox will offer to auto-update.
>         Happened 
>         on my Mac yesterday. Ubuntu is offering an updated T-bird
>         this 
>         morning. You'll need to check with the maintainers of your
>         distribution.
>         
>         > III. Solution
>         >
>         > Upgrade
>         >
>         > Upgrade to Mozilla Firefox 1.5.0.5, Mozilla Thunderbird
>         1.5.0.5, or
>         > SeaMonkey 1.0.3.
>         >
>         > Disable JavaScript and Java
>         >
>         > These vulnerabilities can be mitigated by disabling
>         JavaScript and
>         > Java in all affected products. Instructions for disabling
>         Java in
>         > Firefox can be found in the "Securing Your Web Browser"
>         document.
>         >
>         
>         I recommend NoScript plug-in for FireFox. I only enable js
>         when -I- 
>         want it to run.
>         
>         
>         Ted Roche
>         Ted Roche & Associates, LLC
>         http://www.tedroche.com
>         
>         
>         
> 
> 
> 
> 
> ______________________________________________________________________
> Groups are talking. We´re listening. Check out the handy changes to
> Yahoo! Groups. 
> _______________________________________________
> DLSLUG-Discuss mailing list
> [e-mail addresses are not shown in archives]
> http://dlslug.org/mailman/listinfo/dlslug-discuss
-- 
Lloyd Kvam
Venix Corp

More information about the DLSLUG-Discuss mailing list