[Labs-announce] Firefox exploit targeting SSH keys
Moritz Mühlenhoff
moritz at wikimedia.org
Fri Aug 7 08:34:54 UTC 2015
Dear labs users,
a file disclosure vulnerability was reported to Mozilla yesterday and
quickly fixed. It was discovered based on an exploit found in the wild
targeting Windows and Linux users for password-related information and also
SSH keys. Please see this Mozilla announcement for details:
https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/
If you use Firefox, please install the security updates from Mozilla or as
provided by your distribution (anyone using the Firefox 31 long term branch
is not affected, e.g. Debian stable).
It's unclear since when this exploit was in the wild. If you want to renew
your SSH key for labs to be on the safe side, you can do so in the
"OpenStack" tabs of your preferences on wikitech.
Cheers,
Moritz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.wikimedia.org/pipermail/labs-announce/attachments/20150807/e3620102/attachment.html>
More information about the Labs-announce
mailing list