Security update for shell: extenal protocol vulnerability

Asa Dotzler Thu, 08 Jul 2004 22:14:39 -0700

Today, the Mozilla team released a configuration change which fixes the shell: external protocol vulnerability by explicitly disabling the use of the shell: external protocol handler. The fix is available in a small patch or in the newest full release of each of these products.

The XPI patch for all of Mozilla, Firefox and Thunderbird is available at http://ftp.mozilla.org/pub/mozilla.org/mozilla/releases/mozilla1.7.1/shellblock.xpi

New Windows builds of Mozilla, Firefox, and Thunderbird are available at:
http://ftp.mozilla.org/pub/mozilla.org/mozilla/releases/mozilla1.7.1/mozilla-win32-1.7.1-installer.exe
http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/0.9.2/FirefoxSetup-0.9.2.exe
http://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/0.7.2/ThunderbirdSetup-0.7.2.exe

More information and detailed instructions about updating your Mozilla applications can be found at http://mozilla.org/security/shell.html

--Asa

_______________________________________________
mozilla-announce mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-announce

Security update for shell: extenal protocol vulnerability

Reply via email to