#mozilla said an unknown #attacker accessed its #bugzilla bug-and-change tracking database, stole information about 53 critical security #vulnerabilities, and used at least one of those flaws to attack #firefox #users.
Bugzilla is the open-source #tracker that Mozilla’s developers — both paid and volunteer — use to log issues, whether security related or not; discuss different options before making changes; and pass potential fixes back and forth. Normally, #bugs are open to the public, but some, especially ongoing security fixes, are accessible only to privileged account holders.
Entries on critical bugs are blocked to all but privileged accounts long after a fix has been released to ensure that the bulk of Firefox users have installed the patch.
