Security issues were identified and fixed in mozilla firefox and thunderbird: Google Chrome user alibo encountered an active man in the middle attack on secure SSL connections to Google servers. The fraudulent certificate was mis-issued by DigiNotar, a Dutch Certificate Authority. DigiNotar has reported evidence that other fraudulent certificates were issued and in active use but the full extent of the compromise is not known. For the protection of our users Mozilla has removed the DigiNotar root certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor. Packages for 2009.0 are provided as of the Extended Maintenance Program