LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Firefox 3.0.12 released

Firefox 3.0.12 released

Posted Jul 23, 2009 18:41 UTC (Thu) by jwb (guest, #15467)
In reply to: Firefox 3.0.12 released by roc
Parent article: Firefox 3.0.12 released

I totally understand the policy, roc, but wouldn't it be nice to have something more than "You are not authorized to access bug #470487" when a user is trying to look up some of these bugs? All I know about that bug is it's a topcrasher, it must be exploitable (because it's hidden), as of two days ago the fix for it is not in the 1.9.1 branch (according to the platform weekly meeting notes), and it was reported seven months ago.

It might be nice if the Bugzilla page could give me at least some useful information. For example it should tell me the severity of the vulnerability and its status in the trunk and each of the release branches. Then I would at least be able to think about the risk rationally.

(Log in to post comments)

Firefox 3.0.12 released

Posted Jul 24, 2009 0:21 UTC (Fri) by roc (subscriber, #30627) [Link]

That's an interesting idea. It might be useful to reveal that bug 470487 is Windows-only and so probably isn't relevant to you.

But again, we're miles better than our competition in this department. I don't know of any project that supports partial bug revelation.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds