Welcome to WebmasterWorld Guest from 54.147.189.54

Forum Moderators: incrediBILL

Message Too Old, No Replies

Mozilla Patches 12 Firefox Flaws

     
10:12 am on Jun 3, 2006 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:22287
votes: 236


Mozilla Corp. on Thursday patched its Firefox browser against 12 vulnerabilities, 5 of them labeled "critical" by the Mountain View, Calif. company.

Firefox 1.5.0.4 is the fourth security update to the 1.5 edition of the browser since it released last November. The number of holes plugged in 1.5.0.4, however, is only half that of April's mega-patch, when 24 total, 11 of them "critical," were fixed

Mozilla Patches 12 Firefox Flaws [techweb.com]

2:09 pm on June 3, 2006 (gmt 0)

Administrator

WebmasterWorld Administrator coopster is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 31, 2003
posts:12533
votes: 0


My auto-update alert went off yesterday. I was keying when it went off and I inadvertently accepted the update. I usually like to wait a few days to make sure there aren't additional issues with an update, any update that is, browser or otherwise.

However, I am happy to report this one went off without a hitch ;)

[mozilla.org...]

4:15 pm on June 4, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 29, 2003
posts:1676
votes: 0


and I inadvertently accepted the update.

I've done this as well, and it really irritates me. I want to be as comfortable as possible that nothing vital to me will be broken before accepting an update.
3:28 am on June 5, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 21, 2002
posts:977
votes: 0


Every one of these 1.5.0.x updates has undone my preference for loading URLs typed in the address bar in a new tab. I know that is a really really small issue, nevertheless it annoys me.

Other than that all the upgrades have been seamless. The auto-upgrade feature is great, and I feel safer knowing that my browser is always patched as needed.

ann

8:03 pm on June 9, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 25, 2002
posts:2605
votes: 0


I just found this on the web and wonder did they fix it too?

Unpatched Firefox flaw may expose users...

Google this for the c/net article.

Ann

8:33 pm on June 9, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


According to Secunia, that "IDN URL Domain Name Buffer Overflow" vulnerability was fixed as of Firefox/1.0.7 on or about 2005-09-23, or two weeks after it was first reported.

Jim

9:39 pm on June 9, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 25, 2005
posts:677
votes: 0


For some reason my autoalert didnt alerted me of a single update
9:52 pm on June 9, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


Make sure you've got it enabled. If it doesn't show in the "Options->Advanced->Update" dialog box, you can look for it by typing "about:config" into the address bar, and entering "update" into the filter bar.

Make sure that "app.update.enabled" is set to "true."

The current value for "app.update.url" is https://aus2.mozilla.org/update/1/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/update.xml

There was a problem during a certain version transition that caused some of these settings to disappear from the "options" settings, and the only way to change them back so that auto-update works is to go into about:config and do it manually. Sorry, but I've forgotten the details. As I recall, another way to fix it is to uninstall Firefox, then re-install it (your bookmarks and most settings will be retained).

Jim