Mark H Weaver <m...@netris.org> writes:
> On June 7, Mozilla released a batch of security updates on their ESR 45
> branch. Upstream support for the ESR 38 has apparently been dropped.
> Several of the fixed bugs are labelled "critical" by Mozilla, and some
> are expected to allow arbitrary code execution by a remote attacker.
>
>
> https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.2
>
> Therefore, GNU Icecat 38.x can no longer be used safely, and we are in
> urgent need of Icecat 45.2.
Mozilla has now released 45.3 with another batch of critical security
fixes. It has now been over 8 weeks since GNU IceCat has been
vulnerable to published security flaws that are believed to allow
arbitrary remote code execution.
Mark
--
http://gnuzilla.gnu.org
