Firefox Has Security Update

Discussion in 'HTML' started by cwdjrxyz, Feb 3, 2006.

  1. cwdjrxyz

    cwdjrxyz Guest

    The Firefox 1.5 has a security update and becomes 1.5.0.1 after the
    update. If you did not customize the update feature after you installed
    1.5, you likely will get an automatic update. In my case I got a screen
    today that said Firefox had downloaded the update. If you did not take
    it just then, you could cancel,and it then said it would update the
    next time you turned Firefox on. That is exactly what it did with no
    option to cancel the second time.

    If you wish to change the way Firefox updates, there are several
    options at tools tab > options > advanced. I was content with the
    automatic download and install.
     
    cwdjrxyz, Feb 3, 2006
    #1
    1. Advertising

  2. __/ [cwdjrxyz] on Friday 03 February 2006 05:27 \__

    > The Firefox 1.5 has a security update and becomes 1.5.0.1 after the
    > update. If you did not customize the update feature after you installed
    > 1.5, you likely will get an automatic update. In my case I got a screen
    > today that said Firefox had downloaded the update. If you did not take
    > it just then, you could cancel,and it then said it would update the
    > next time you turned Firefox on. That is exactly what it did with no
    > option to cancel the second time.
    >
    > If you wish to change the way Firefox updates, there are several
    > options at tools tab > options > advanced. I was content with the
    > automatic download and install.


    This doesn't seem to be a crucial update
    <http://www.mozilla.com/firefox/releases/1.5.0.1.html >

    <quote>
    Firefox 1.5.0.1 is a stability and security update that is part of our
    ongoing program to provide a safe Internet experience for our customers. We
    recommend that all users upgrade to this latest version.

    Here's what's new in Firefox 1.5.0.1:

    * Improved stability.
    * Improved support for Mac OS X.
    * International Domain Name support for Iceland (.is) is now enabled.
    * Fixes for several memory leaks.
    * Several security enhancements.
    </quote>

    Also:
    http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.1

    <quote>
    MFSA 2006-08 "AnyName" entrainment and access control hazard
    MFSA 2006-07 Read beyond buffer while parsing XML
    MFSA 2006-06 Integer overflows in E4X, SVG and Canvas
    MFSA 2006-05 Localstore.rdf XML injection through XULDocument.persist()
    MFSA 2006-04 Memory corruption via QueryInterface on Location, Navigator
    objects
    MFSA 2006-03 Long document title causes startup denial of Service
    MFSA 2006-02 Changing postion:relative to static corrupts memory
    MFSA 2006-01 JavaScript garbage-collection hazards
    </quote>

    I know MFSA 2006-03 quite well because its listing is rather amusing. If a
    page contains a 4-million-character title string (which would take ages to
    load), there is potential for buffer overflow and maybe a browser crash. I
    think someone flagged it as a "critical" flaw at the time.

    Roy
     
    Roy Schestowitz, Feb 3, 2006
    #2
    1. Advertising

  3. cwdjrxyz

    Andy Dingley Guest

    On Fri, 03 Feb 2006 15:09:13 +0000, Roy Schestowitz
    <> wrote:

    >Here's what's new in Firefox 1.5.0.1:
    > * Fixes for several memory leaks.


    Is this just my impression, or has FF 1.5.0.1 gone from the relatively
    lightweight memory consumprion of 1.5, back to the piggish memory hog
    that was 1.0.* ?
     
    Andy Dingley, Feb 4, 2006
    #3
  4. __/ [Andy Dingley] on Saturday 04 February 2006 12:57 \__

    > On Fri, 03 Feb 2006 15:09:13 +0000, Roy Schestowitz
    > <> wrote:
    >
    >>Here's what's new in Firefox 1.5.0.1:
    >> * Fixes for several memory leaks.

    >
    > Is this just my impression, or has FF 1.5.0.1 gone from the relatively
    > lightweight memory consumprion of 1.5, back to the piggish memory hog
    > that was 1.0.* ?


    Can you give evidence? Maybe uptime statistics with memory usage under some
    set conditions? Have you got both version 1 and 1.5? 1.0 could easily eat up
    between 40 to 70 MB of RAM when just one window is open (based on rants in
    Linux newsgroups). Some say it's due to back/forward caching, as well as
    JRE.

    The memory leaks fixes should suggest otherwise, i.e. less memory will be
    used over the long run. In fact, the version number indicates that only
    minor changes have been applied to the initial release which was 1.5.

    Roy

    --
    Roy S. Schestowitz | "Have you compiled your kernel today?"
    http://Schestowitz.com | SuSE Linux | PGP-Key: 0x74572E8E
    3:55pm up 18 days 11:11, 11 users, load average: 1.08, 0.64, 0.51
    http://iuron.com - next generation of search paradigms
     
    Roy Schestowitz, Feb 4, 2006
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.

Share This Page