When will Logjam vulnerability be patched in both browsers SeaMonkey & Firefox? Thank you for this information.
https://weakdh.org/
Not sure if this is the correct place to post if not please move to correct thread. Thank You.
When will Logjam be patched in both browsers?
-
- Posts: 148
- Joined: June 11th, 2014, 3:26 pm
- patrickjdempsey
- Posts: 23686
- Joined: October 23rd, 2008, 11:43 am
- Location: Asheville NC
- Contact:
Re: When will Logjam be patched in both browsers?
As soon as you disable the DHE cypher suites yourself. SeaMonkey releases are on hold for now because Mozilla forced changes that require a new build environment on Windows but hasn't bothered to help SM folks set up a new build machine yet.
See:
viewtopic.php?f=38&t=2935955
And:
viewtopic.php?f=3&t=2934629
See:
viewtopic.php?f=38&t=2935955
And:
viewtopic.php?f=3&t=2934629
Tip of the day: If it has "toolbar" in the name, it's crap.
What my avatar is about: https://addons.mozilla.org/en-US/seamonkey/addon/sea-fox/
What my avatar is about: https://addons.mozilla.org/en-US/seamonkey/addon/sea-fox/
-
- Posts: 148
- Joined: June 11th, 2014, 3:26 pm
Re: When will Logjam be patched in both browsers?
patrickjdempsey wrote:As soon as you disable the DHE cypher suites yourself. SeaMonkey releases are on hold for now because Mozilla forced changes that require a new build environment on Windows but hasn't bothered to help SM folks set up a new build machine yet.
See:
viewtopic.php?f=38&t=2935955
And:
viewtopic.php?f=3&t=2934629
If I am reading those sites above correctly, Firefox won't do it till Firefox 39 is released. I guess so they can pass it down to other operating systems.
The reason I asked is this site https://weakdh.org/ said
If you use a browser…
Make sure you have the most recent version of your browser installed, and check for updates frequently. Google Chrome (including Android Browser), Mozilla Firefox, Microsoft Internet Explorer, and Apple Safari are all deploying fixes for the Logjam attack.
I haven't seen any fixes for chrome either. Do you know if any Mozilla third party browser is doing the patch sooner? I hate to use I.E. for banking.
- patrickjdempsey
- Posts: 23686
- Joined: October 23rd, 2008, 11:43 am
- Location: Asheville NC
- Contact:
Re: When will Logjam be patched in both browsers?
It takes two seconds to disable the ciphers in about:config:
Filter for .dhe and double-click to set them to false.
Filter for .dhe and double-click to set them to false.
Tip of the day: If it has "toolbar" in the name, it's crap.
What my avatar is about: https://addons.mozilla.org/en-US/seamonkey/addon/sea-fox/
What my avatar is about: https://addons.mozilla.org/en-US/seamonkey/addon/sea-fox/
- LuvKomputrs
- Posts: 659
- Joined: June 9th, 2010, 8:15 am
Re: When will Logjam be patched in both browsers?
Good to know.
Just changed mine.
security.ssl3.dhe_rsa_aes_128_sha is now false
security.ssl3.dhe_dss_aes_256_sha is now false
Just got this message:
Good News! Your browser is safe against the Logjam attack.
Just changed mine.
security.ssl3.dhe_rsa_aes_128_sha is now false
security.ssl3.dhe_dss_aes_256_sha is now false
Just got this message:
Good News! Your browser is safe against the Logjam attack.