Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Learn More

how to get access to all the advisories in mozilla?

  • 4 trả lời
  • 1 gặp vấn đề này
  • 1 lượt xem
  • Trả lời mới nhất được viết bởi philipp

more options

Mozilla Foundation Security Advisories (http://www.mozilla.org/security/announce/),

when accessed provides information on many of the advisories, but for some it displays an error that you are not authorized to open. 

I tried to open bug #790879 & it showed following error:- (https://bugzilla.mozilla.org/show_bug.cgi?id=790879). Can anybody please tell me what needs to be done to get complete access of the advisories.

Mozilla Foundation Security Advisories (http://www.mozilla.org/security/announce/), when accessed provides information on many of the advisories, but for some it displays an error that you are not authorized to open. I tried to open bug #790879 & it showed following error:- (https://bugzilla.mozilla.org/show_bug.cgi?id=790879). Can anybody please tell me what needs to be done to get complete access of the advisories.

Tất cả các câu trả lời (4)

more options

hello gauravmunje, bugzilla entries that are marked as security-sensitive are not accessible to the public, but generally speaking only for the security team at mozilla & the reporter of such vulnerabilities - for more information about this policy see www.mozilla.org/projects/security/security-bugs-policy.html

more options

Hey, thanks a ton for the immediate reply.

One more query though:

Can anybody access those security sensitive entries, post public disclosure?

more options

i myself am no mozilla staff but just a contributing volunteer, so i cannot tell you for sure how it works in practise (the policy document is now nearly a decade old). however according to the document most bugs should get disclosed after a unspecified amount of time after they got fixed and then they are just readable like any other normal bug report at bugzilla.mozilla.org.

in case you have a legitimate interest in reviewing a certain inaccessible bug-report (& have an account on bugzilla.mozilla.org) you could also try to write an email to the security@XXX mail address & explain the situation - maybe they can/will add you to the list of people who are authorized to view the details.