# Why there is no GLSA for Firefox 3.0.14

## cmp

Today I have read in a mailing list that firefox have severel security problems....

"My first thoughts glad that I do often sync and glsa-checks .... huh but I didnt remember Firefox last days"

Is there to much work?

or am I just miss informed about something?

Date Published: 2009-10-27

Remote: Yes

 *Quote:*   

> 36875 Mozilla Firefox CVE-2009-3379 Multiple Remote Memory Corruption Vulnerabilities
> 
>  36873 Mozilla Firefox CVE-2009-3378 Remote Memory Corruption Vulnerability
> 
>  36866 Mozilla Firefox CVE-2009-3382 Remote Memory Corruption Vulnerability
> ...

 

----------

## Veldrin

probably because 3.5.3(-r1) is stable...

----------

## cmp

Mozilla Firefox 3.5.3 is also affected - I read somewhere that the mozzillaguys code on two versions on the same time.  3.5x   and 3.x   that could be why its also affected?! not sure.

http://www.securityfocus.com/bid/36843

----------

## d2_racing

In fact, Mozilla-Firefox 3.5 is stable for at least 2-3 weeks now.

----------

## mikegpitt

I've noticed in the past that firefox vulnerabilities are often not reflected in the glsa's.  I'm not exactly sure why...

EDIT:  FYI - Firefox-3.5.x is still masked ~x86, but it does appear to be stable for amd64 folks.Last edited by mikegpitt on Tue Nov 03, 2009 4:51 pm; edited 1 time in total

----------

## baaann

 *d2_racing wrote:*   

> In fact, Mozilla-Firefox 3.5 is stable for at least 2-3 weeks now.

 

Only on amd64, my x86 has only 3.0.14 stable

```
eix -Qc --stable mozilla-firefox

[I] www-client/mozilla-firefox (3.0.14@14/09/09): Firefox Web Browser

[N] www-client/mozilla-firefox-bin (3.0.14!s): Firefox Web Browser

Found 2 matches.

```

 :Crying or Very sad: 

----------

## Sven Vermeulen

I guess the security bug report is still open.

----------

## a3li

There are lots of issues regarding Mozilla software. They all need to be reviewed and rated. By the time that is finished there is usually a new release and things start from the beginning...

But we're working on it. Maybe there'll be a gigantic GLSA by the time Firefox 4 is released. ;)

----------

