[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-gnuzilla] IceCat and security updates
From: |
Mark H Weaver |
Subject: |
Re: [Bug-gnuzilla] IceCat and security updates |
Date: |
Sun, 05 May 2019 22:33:10 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) |
Mart Rootamm <address@hidden> writes:
> As and when Mozilla releases 60.6.2 or 60.7.0, there quickly needs to
> be a new build because of an upstream brouhaha involving the expiry of
> an intermediate signing certificate that disabled all extensions.
>
> To mitigate the issue, existing users can set
>
> xpinstall.signatures.required
>
> to false
>
> in about:config.
This mitigation sounds like a bad idea to me. You could be leaving
yourself open to getting hacked by a man-in-the-middle.
Mark