[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-gnuzilla] IceCat and security updates

From: Mark H Weaver
Subject: Re: [Bug-gnuzilla] IceCat and security updates
Date: Sun, 05 May 2019 22:33:10 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux)

Mart Rootamm <address@hidden> writes:

> As and when Mozilla releases 60.6.2 or 60.7.0, there quickly needs to
> be a new build because of an upstream brouhaha involving the expiry of
> an intermediate signing certificate that disabled all extensions.
> To mitigate the issue, existing users can set
> xpinstall.signatures.required
> to false
> in about:config.

This mitigation sounds like a bad idea to me.  You could be leaving
yourself open to getting hacked by a man-in-the-middle.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]