Topic: Security update: 0.4.7
A new version due to a (small) security problem, which comes with small improvements.
Many users ask for support of Firefox 3. We will support it at the latest when the final version is released, or before if we have the time ^^
Bugs :
* Fixed a (small) security problem (reported by Roee Hay, IBM).
FireGPG (tested on 0.4.6) suffers from a Cross-Site Scripting flaw affecting Gmail.
Normally, after FireGPG automatically verifies signed mails in Gmail, it prints the public key issuer name underneath the mail message (i.e.: "Good sign from Roee Hay (made the 2007 17:26:52)").
However, the issuer name is not sanitized or verified, a fact which leads to an XSS vulnerability. If the issuer name contains malicious JavaScript (e.g.: "<script> [XSS_PAYLOAD] </script>"), it will be executed under Gmail's context, thus giving the attacker an opportunity to steal the victim's cookies, mail and so on. It can be exploited by sending the victim a signed message and convincing him to add your malicious public key.
* Fixed a problem with the mail autodetect system.
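The issuer-name XSS described above comes down to putting a key's user ID into page markup without escaping it. The following is an added example, not FireGPG's code: the function names, the CSS class, the sample key ID and the assumption that the name is read from a GnuPG `GOODSIG` status line are all illustrative.

```javascript
// Added example, not FireGPG source. All names here are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape every character that can change the HTML parsing context.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Pull key id and user ID out of GnuPG status output. Simplified:
// matches only "[GNUPG:] GOODSIG <keyid> <user id>" lines.
function parseGoodSig(statusOutput) {
  for (const line of statusOutput.split(/\r?\n/)) {
    const m = /^\[GNUPG:\] GOODSIG ([0-9A-Fa-f]+) (.*)$/.exec(line);
    if (m) return { keyId: m[1], userId: m[2] };
  }
  return null; // no good signature reported
}

// Flawed pattern: the user ID is chosen by whoever created the key,
// yet it is concatenated into markup as if it were trusted.
function renderNoticeUnsafe(sig) {
  return '<div class="gpg-notice">Good sign from ' + sig.userId + '</div>';
}

// Hardened pattern: the user ID is treated as text, never as markup.
function renderNoticeSafe(sig) {
  return '<div class="gpg-notice">Good sign from ' + escapeHtml(sig.userId) + '</div>';
}

// Constructed sample status output (key id and names are made up).
const BENIGN_STATUS =
  '[GNUPG:] GOODSIG 0123456789ABCDEF Alice Example <alice@example.org>';
const HOSTILE_STATUS =
  '[GNUPG:] GOODSIG 0123456789ABCDEF <script>[XSS_PAYLOAD]</script>';

for (const status of [BENIGN_STATUS, HOSTILE_STATUS]) {
  const sig = parseGoodSig(status);
  console.log('unsafe:', renderNoticeUnsafe(sig));
  console.log('safe:  ', renderNoticeSafe(sig));
}
```

Ordinary user IDs already contain `<` and `>` around the e-mail address, so stripping tags would mangle benign names; escaping (or assigning the name through `textContent` where a DOM is available) handles both cases.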
Functionalities :
* Improved performance with Gmail
* Applied tjm1983's patch, which improves signing for the old Gmail version.
Locales :
* English corrections from Sebastien Wains
Misc :
* Changed the system for upgrades or installs (this page ^^)