|
|
Subscribe / Log in / New account

Mozilla: Improving Security for Bugzilla

Mozilla: Improving Security for Bugzilla

Posted Sep 5, 2015 10:02 UTC (Sat) by warrax (subscriber, #103205)
Parent article: Mozilla: Improving Security for Bugzilla

What's most amazing to me about this is that there are (at the very least) 3 bugs which are classified as sec-high or sec-critical which have been lingering in the bug tracker for over 130 days. If that doesn't scare you about the security of the Firefox code base, I don't know what will.

(Not that I think proprietary or Chrome/Chromium code is necessarily any better, but damn... I guess this might be some of the reasoning behind Rust, but I doubt that those bugs are simple memory safety issues -- which are *usually* pretty easy to fix.)

to post comments

Mozilla: Improving Security for Bugzilla

Posted Sep 5, 2015 12:10 UTC (Sat) by roc (subscriber, #30627) [Link] (1 responses)

How did you draw that conclusion?

Mozilla: Improving Security for Bugzilla

Posted Sep 5, 2015 17:04 UTC (Sat) by warrax (subscriber, #103205) [Link]

They mention how long the attacker had access to different classes of bugs.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds