@honeymonster
Yes, several of these vulnerabilities go back to March. But how do you know when these vulnerabilities have been patched? Firefox 3.6.7 is the first security release since Firefox 3.6.3 (released April 1st), the releases in between (Firefox 3.6.4 and 3.6.6) were dedicated to process separation for plugins and were created from a branch. For all that I know, all these vulnerabilities were most likely fixed in April and May and were just sitting around waiting to be shipped. Had any of these vulnerabilities become public Mozilla would have certainly released a fix. But without that - why should they rush a release, what's the emergency? Arguably, process separation was more important than all these security issues together. And getting it right also meant holding back everything else unless there is a good reason not to.
Discussion on:
Message 14 of 1
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
