Mozilla Patches 12 Firefox Flaws

Forum Moderators: open

Message Too Old, No Replies

Mozilla Patches 12 Firefox Flaws

engine

10:12 am on Jun 3, 2006 (gmt 0)

Mozilla Corp. on Thursday patched its Firefox browser against 12 vulnerabilities, 5 of them labeled "critical" by the Mountain View, Calif. company.
Firefox 1.5.0.4 is the fourth security update to the 1.5 edition of the browser since it released last November. The number of holes plugged in 1.5.0.4, however, is only half that of April's mega-patch, when 24 total, 11 of them "critical," were fixed

Mozilla Patches 12 Firefox Flaws [techweb.com]

coopster

2:09 pm on Jun 3, 2006 (gmt 0)

My auto-update alert went off yesterday. I was keying when it went off and I inadvertently accepted the update. I usually like to wait a few days to make sure there aren't additional issues with an update, any update that is, browser or otherwise.

However, I am happy to report this one went off without a hitch ;)

[mozilla.org...]

D_Blackwell

4:15 pm on Jun 4, 2006 (gmt 0)

and I inadvertently accepted the update.

I've done this as well, and it really irritates me. I want to be as comfortable as possible that nothing vital to me will be broken before accepting an update.

Purple Martin

3:28 am on Jun 5, 2006 (gmt 0)

Every one of these 1.5.0.x updates has undone my preference for loading URLs typed in the address bar in a new tab. I know that is a really really small issue, nevertheless it annoys me.

Other than that all the upgrades have been seamless. The auto-upgrade feature is great, and I feel safer knowing that my browser is always patched as needed.

ann

8:03 pm on Jun 9, 2006 (gmt 0)

I just found this on the web and wonder did they fix it too?

Unpatched Firefox flaw may expose users...

Google this for the c/net article.

Ann

jdMorgan

8:33 pm on Jun 9, 2006 (gmt 0)

According to Secunia, that "IDN URL Domain Name Buffer Overflow" vulnerability was fixed as of Firefox/1.0.7 on or about 2005-09-23, or two weeks after it was first reported.

Jim

wmuser

9:39 pm on Jun 9, 2006 (gmt 0)

For some reason my autoalert didnt alerted me of a single update

jdMorgan

9:52 pm on Jun 9, 2006 (gmt 0)

Make sure you've got it enabled. If it doesn't show in the "Options->Advanced->Update" dialog box, you can look for it by typing "about:config" into the address bar, and entering "update" into the filter bar.

Make sure that "app.update.enabled" is set to "true."

The current value for "app.update.url" is https://aus2.mozilla.org/update/1/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/update.xml

There was a problem during a certain version transition that caused some of these settings to disappear from the "options" settings, and the only way to change them back so that auto-update works is to go into about:config and do it manually. Sorry, but I've forgotten the details. As I recall, another way to fix it is to uninstall Firefox, then re-install it (your bookmarks and most settings will be retained).

Jim