Forum Moderators: open
Mozilla has released a new version of the Firefox Web browser with what is described as "significant security and stability improvements." (...) the most serious flaw could allow "remote code execution" attacks.
The article also notes that:
Users already running Firefox 1.5 will receive an automated update notification within 24 to 48 hours.
See also:
[mozilla.com...]
Jim
[mozilla.org...]
In that case, Firefox 1.0.x and Mozilla 1.7.x weren't affected as the error was in newer code. There has been no release of a new Firefox 1.0.x version this time either - but I can't find anywhere whether FF 1.0.x and Mozilla 1.7.x are still properly supported by Mozilla (I sincerely hope they do - it would be a bad sign if they abandoned those products so quickly).
They do state that FF/1.0.8 will be the last 1.0x release for Firefox.
I would expect Mozilla/1.7.13 within a couple of weeks if they do decide to incorporate these fixes into Mozilla Suite.
Jim
And a SeaMonkey 1.0.1:
[mozilla.org...]
The vulnerabilities page is here:
[mozilla.org...]
The problematic bug appears to be this one:
[mozilla.org...]
Workaround
Disable JavaScript until you upgrade to a fixed version.
Nothing mentioned for the Mozilla Suite yet - this may be an ideal time to move over to SeaMonkey 1.0.1 which represents the best direct upgrade path from the Mozilla suite.
