Firefox 32.0.3

Ich kopiere mal den Inhalt der Mail an die Mozillians hier rein:

Zitat

Today we released a security update ("chemspill") for all Mozilla products. The reason for the chemspill is a certificate forgery vulnerability in NSS that was discovered by two independent research groups that allows a skilled attacker to masquerade as any site. In the simplest terms, this means that you could have been on your bank's site without knowing whether it was your bank or a malicious site pretending to be your bank. This issue is larger than Mozilla and impacts not only our products but many other projects and products which use NSS for certificate handling in our industry.

What does this mean for YOU?

You should update your Firefox/Thunderbird/SeaMonkey today, regardless of what channel (Release, Beta, Aurora, Nightly, ESR) you are on. Patched versions are listed below:

Firefox 32.0.3
Firefox 33 beta 7
Firefox Aurora 2014-09-24 or later
Firefox Nightly 2014-09-24 or later

Firefox for Android 32.0.3
Firefox for Android 31.1.1
Firefox for Android 33 beta7
Firefox for Android Aurora 2014-09-24 or later
Firefox for Android Nightly 2014-09-24 or later

Firefox ESR 31.1.1
Firefox ESR 24.8.1

Thunderbird 31.1.2
Thunderbird 24.8.1

SeaMonkey 2.29.1 (pending)
SeaMonkey 2.30 beta 1 (targeting early next week)

Does this affect Firefox OS?

We have already landed the fix on all active Firefox branches (2.2, 2.1, 2.0, 1.4) and are working with our partners to push patches to devices that are already in the field.

Alles anzeigen