No Firefox 1.0.1 section in "Known vulnerabilities" page

VERIFIED FIXED

Status

www.mozilla.org
General
VERIFIED FIXED
14 years ago
6 years ago

People

(Reporter: Matthew Paul Thomas, Assigned: dveditz)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

14 years ago
To reproduce:
1.  Go to <http://www.mozilla.org/products/firefox/releases/#new>.
    (For future reference, since that seems like a brittle anchor name,
    that's the "What's New 1.0.1" [sic] section.)
2.  Follow the "security fixes" link, which goes to
    <http://www.mozilla.org/projects/security/known-vulnerabilities.html>.

What should happen:
*   The link goes directly to a "Firefox 1.0.1" section on that page.
*   You see a list of security bugs fixed in Firefox 1.0.1.

What actually happens:
*   You see a list of security bugs fixed in everything *except* FF 1.0.1.
(Assignee)

Comment 1

14 years ago
Fixed, at least the known vulnerabilities page. Dunno who owns the link.
Status: NEW → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → FIXED
(Reporter)

Comment 2

14 years ago
Verified, thanks.
Status: RESOLVED → VERIFIED

Comment 3

14 years ago
I think Mozilla Foundation shouldn't have disclosed these vulnerabilities
information until most of the localized builds and Mozilla 1.7.6 are ready. It's
too late.
(Assignee)

Comment 4

14 years ago
Yes, I would have especially liked to have gotten 1.7.6 out the door first, but
when your release is specifically deemed a "security release" people demand to
know what's fixed.

With the small number of changes on the shipping branch it's pretty easy to
figure out what many of the bugs were from the patches. Keeping quiet only hurt
people who didn't know there was a problem, but didn't keep the bad guys from
taking advantage. By announcing people have a chance to protect themselves, by
using the announced workarounds, keeping vigilant (most of the fixes were
spoofs), or using a pre-release or English version if necessary.

Every course of action we could take was wrong, we tried to pick the least bad. 
Product: mozilla.org → Websites
Component: www.mozilla.org → General
Product: Websites → www.mozilla.org
You need to log in before you can comment on or make changes to this bug.