Am 10.08.2015 um 15:13 schrieb Kevin Kofler:
Reindl Harald wrote:but that don't change the fact bringing a zero-day exploit for Firefox as reason not to make it the default browser is bullshit in context of securityI also have to point out that this particular exploit only exists because Firefox reinvents the PDF reader wheel (shipping a PDF reader in JavaScript (!)) instead of reusing Okular as Konqueror does. The Firefox PDF implementation does not even use the poppler library, it's a completely Not Invented Here solution
so what - that makes your from a security experts point of view insane "Konqueror is more safe because nobody targets it for attacks" and "hey there was a security hole" not better
i revert your "does not even use the poppler library" easily with - Add poppler-0.15.0-CVE-2010-3702.patch - Add poppler-0.15.0-CVE-2010-3703.patch - Add poppler-0.15.0-CVE-2010-3704.patch - CVE-2009-3607 poppler: create_surface_from_thumbnail_dataand say "hmm Konqueror and Okular where vulnerable while Firefox was likely not at that moment" just to show that your whole security argumentation is pointless
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ kde mailing list kde@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/kde New to KDE4? - get help from http://userbase.kde.org
