Follow

Mozilla Firefox 66.0.4 :firefox: fixes certificate chain to re-enable web extensions:

mozilla.org/en-US/firefox/66.0

– expired certificates resulted in disabled web extensions in Firefox and FF-based browsers like Tor Browser
– while some "security" experts recommended to temporarily disable signature checking, we recommend to never do so

@infosechandbook ok, but what about the Firefox for Android? there are no available updates on the Google Play Store.

@infosechandbook @rnickson firefox-esr 60.6.2 dropped in Debian Sid as well which fixes this mess; hopefully it will be in testing and stable very soon.

@infosechandbook @rnickson wonder how long it will take for Fenech to be updated as well

CC. @fdroidorg

@infosechandbook
even in the official tor browser blog they mentioned to disable signature check

@perflyst

Yes, we know. Sadly, the risks of disabling the checks are only discussed in the comment section.

@infosechandbook I have version 66.0.4, but my addons are still disabled. Probably some other setting is interferring. :/

@infosechandbook

On OpenBSD 6.5, update with:

$ doas env PKG_PATH=packages.rhaalovely.net/pub/Op$(uname -r)/packages/$(arch -s)/ pkg_add -u firefox

* ''packages.rhaalovely.net'' is the repository of Landry ;)

#OpenBSD #Firefox

Sign in to participate in the conversation
Mastodon

mastodon.at is a microblogging site that federates with most instances on the Fediverse.