Can it actually access browser history?

Story: Sites can slurp browser history right out of Firefox 16Total Replies: 5
Author Content
BernardSwiss

Oct 11, 2012
8:15 PM EDT
I thought it could just examine URLs currently being visited.
tracyanne

Oct 11, 2012
8:22 PM EDT
Whatever, I just set up the Mozilla security updates ppa, and upgraded to the fix.
djohnston

Oct 12, 2012
9:25 AM EDT
Mozilla has already issued a fix in the form of version 16.0.1.

Firefox 16 re-released fixing multiple vulnerabilities

caitlyn

Oct 12, 2012
3:00 PM EDT
SalixOS pushed 16.0.1 yesterday as did openSUSE.
jdixon

Oct 12, 2012
3:05 PM EDT
The Slackware changelog:

Thu Oct 11 21:25:20 UTC 2012

xap/mozilla-firefox-16.0.1-i486-1.txz: Upgraded. This update fixes a security vulnerability that could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters. (* Security fix *)

xap/mozilla-thunderbird-16.0.1-i486-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunde... (* Security fix *)
caitlyn

Oct 12, 2012
3:07 PM EDT
I still think the Mozilla six week release cycle is beyond insane and guarantees more serious problems like this.

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!