IDN spoofing vulnerability in Gecko browsers
Longman, Bill
longman at sharplabs.com
Tue Mar 8 10:06:14 MST 2005
Cian,
I don't think your flippant reply is really called for. YOU might be up on
all things Mozilla/security related, but if other people on the list are
still running an older browser, they are vulnerable.
Bill
> Err, last month called, they want their security vunerability back
>
> This just seems, to a very angry (with the postal service here, that
> is) and cynical me as a slightly more technically accurate 'virus
> scare' email, like the good times one from many years ago; or those
> mails with scare stories about Glade PlugIn air freshners, etc
>
> This bug is fixed in Firefox CVS and possibily even in 1.0 by
> reverting the domain to punycode - you see the real, 7 bit ASCII
> domain name in the adress bar
>
> Also, with the fonts most of us will be using on YDL, the
> character-that-looks-like-an-a that they're using is much, much
> narrower, so it looks differenct
>
> Now, I've got to get back to my waiting in an An Post queuing system
> for all eternity to shout at them.
>
> Cian
More information about the yellowdog-general
mailing list