-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mozilla's own advisory is here:
https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
On 09/30/2014 05:25 AM, raiogam mestri wrote:
McAfee has issued a warning to all the users who use the Mozilla
Firefox browser - and others who share his software encryption.
According to security firm, a serious spoofing vulnerability
signature in Mozilla NSS cryptographic library can allow malicious
people to create tools that can harm consumers with relative ease.
In addition to the Firefox browser, Mozilla NSS library can also
be found in the Thunderbird, Seamonkey and even competitor in
Google Chrome. Nicknamed berserk, the vulnerability allows
attackers to falsify signatures and divert authentication for sites
that use SSL / TLS - which means that even websites like https
can be forged with the malicious drivers. Despite the dangers of
vulnerability, a package of updates for Firefox was released
shortly after the issuance of the alert and is responsible for
neutralization of problems. How Google also uses the encryption
library in question, it is recommended that users of Google Chrome
and Chrome OS also install the updates.
- --
Allen Gunn
Executive Director, Aspiration
+1.415.216.7252
www.aspirationtech.org
Aspiration: Better Tools for a Better World
Read our Manifesto: http://aspirationtech.org/publications/manifesto
Follow us:
Facebook: www.facebook.com/aspirationtech
Twitter: www.twitter.com/aspirationtech
- --
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.14 (GNU/Linux)
iQEcBAEBAgAGBQJUKrO1AAoJENVj9yFHsyq3vysH/j0CBpC70kLBx6aPHMBzyD8H
D7AXuZZhGiTpGzzlW1dBhE2x/HqMSmnujVPsdBMF4VM8iicB7ca/3rtSn99Gw9Of
kkD8ioNLP5Nnl4Nxysgj57SbBKBiVT/y1DSKhj57RdGn0DOgKue0wFZSculDdk+J
BDQwQLQsyUHQdACSTptg1rzRS4lSc6AvA83FOLdUcxtIHExW3bNOG/XsOz6OT5U2
NpmTi/CYcvaOsbqU+ZjL1jBp55BlTV1Vcf64ZiX8F3pCSuSAm7bgwPwryu8t54Kb
2o7mkxR1KBRKjheB7GdFWA0fiG1cQzrYHqFCdmZfvZ4AhhI7P+4vXLfbfSY8SRI=
=oHT+
-END PGP SIGNATURE-
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk