Every decent browser has vulnerabilities (maybe just not published/unknown). You can safely install firefox, but I recommend to use the Noscript extension :) Camilo Reyes wrote: > Hi All, just gave NetBSD a shot and I must say I like the streamlined > simplicity and flexibility in the design so far. The problem I'm having while > installing firefox is this error: > > => Bootstrap dependency digest>=20010302: found digest-20080510 > ===> Checking for vulnerabilities in firefox-2.0.0.14 > Package firefox-2.0.0.14 has a remote-system-access vulnerability, see: > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2785 > Package firefox-2.0.0.14 has a memory-corruption vulnerability, see: > http://www.mozilla.org/security/announce/2008/mfsa2008-21.html > Package firefox-2.0.0.14 has a arbitrary-code-execution vulnerability, see: > http://www.mozilla.org/security/announce/2008/mfsa2008-25.html > Package firefox-2.0.0.14 has a arbitrary-code-execution vulnerability, see: > http://www.mozilla.org/security/announce/2008/mfsa2008-33.html > ERROR: Define ALLOW_VULNERABLE_PACKAGES in mk.conf or IGNORE_URLS in > audit-packages.conf(5) if this package is absolutely essential. > *** Error code 1 > > Stop. > make: stopped in /usr/pkgsrc/www/firefox > > It seems Firefox has some built-in holes in it, which makes me think twice > before installing it. Should I install it anyway? Or find an alternative, if > so, which one? > > Thanks, > > > -- Adam
Attachment:
pgpEF99KfMOfb.pgp
Description: PGP signature