[gopher] OverbiteFF new version ready -- upgrade *strongly* advised
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
Firefox 3.0b5 came out, which is serendipitous, because I discovered a bug in
OverbiteFF this afternoon which can use a malformed selector to inject
arbitrary HTML or JS into the gopher menu->HTML converter. Fortunately we have
no such malicious servers out there as of yet, and any code injected with this
method would not run chromed, but this bug is now corrected along with
another one that sometimes put a spurious port -1 into the navigation system.
It has also been tested against 3.0b5 and seems to otherwise work fine.
For ease in identifying updates, the about:overbite now shows a build number.
This version should be build 1286.
Any beta user of OverbiteFF is advised to update.
gopher://gopher.floodgap.com/9/overbiteff.xpi
--
------------------------------------ personal: http://www.cameronkaiser.com/ --
Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckaiser@xxxxxxxxxxxx
-- Intel outside -- 6502 inside! ----------------------------------------------
- [gopher] OverbiteFF new version ready -- upgrade *strongly* advised,
Cameron Kaiser <=
- [gopher] Re: OverbiteFF new version ready -- upgrade *strongly* advised, David Meyer, 2008/04/03
- [gopher] Re: OverbiteFF new version ready -- upgrade *strongly* advised, Cameron Kaiser, 2008/04/03
- [gopher] Re: Removing OverbiteFF from back-level Firefox / HGopher stock configuration, David Meyer, 2008/04/05
- [gopher] Re: Removing OverbiteFF from back-level Firefox / HGopher stock configuration, Matthew Nawrocki, 2008/04/05
- [gopher] Re: Removing OverbiteFF from back-level Firefox / HGopher stock configuration, Cameron Kaiser, 2008/04/05
- [gopher] Re: Removing OverbiteFF from back-level Firefox / HGopher stock configuration, JumpJet Mailbox, 2008/04/05
- [gopher] Re: Removing OverbiteFF from back-level Firefox / HGopher stock configuration, JumpJet Mailbox, 2008/04/05
|
|