> Subject: Security ERRATA Moderate: firefox on SL7.x x86_64 >> This update upgrades Firefox to version 60.2.1 ESR. >>... >> Mozilla: Setting a master password post-Firefox 58 does not delete >>unencrypted previously stored passwords (CVE-2018-12383)
On 10/01/2018 11:01 AM, Keith Lofstrom wrote: > This "security fix" wiped out ALL my 130+ saved logins. On Mon, Oct 01, 2018 at 11:05:05AM -0500, O'Neal, Miles wrote: > I switched to Chrome a while back. ... I'm running ancient 32 bit SL6.10 on the laptops, which will get upgraded to SL 7.3 Real Soon Now. Then I will upgrade myself to Chromium, preferred over Chrome because complete source is available. Meanwhile, I restored 60.2.0.esr firefox from a September 25 backup to a test laptop, and the .mozilla user files. It's a bit annoying that I must do both. DELETING user files with an update? That's barbaric. Nyet Kulturni. I added "firefox" to the /etc/sysconfig/yum-autoupdate exclusions list. We'll see how that goes. I would be hosed without backups. I thought I needed backups for security and for my bonehead mistakes, not for protection from mozilla bonehead programmer mistakes. Ah well. Linus Torvalds recently promised to be nicer to Linux developers in the future. If that works out, I'll try to be nicer as well. If not, I still have backups. Sit here, behind this rear tire ... :-) Keith -- Keith Lofstrom kei...@keithl.com