FYI...
- http://www.mozilla.com/firefox/
Release Notes:
- http://www.mozilla.com/firefox/2.0/releasenotes/
Features:
- http://www.mozilla.com/firefox/features.html
:bigthumb: :spider:
Printable View
FYI...
- http://www.mozilla.com/firefox/
Release Notes:
- http://www.mozilla.com/firefox/2.0/releasenotes/
Features:
- http://www.mozilla.com/firefox/features.html
:bigthumb: :spider:
"Will v.1.5.0.7 update itself to v.2":
- http://forums.mozillazine.org/viewtopic.php?t=478805
Posted: Oct Wed 25th 2006 5:16am
...I am still with 1.5.0.7 and I want to ask you If it will update itself to version 2 or I have to download it?
Posted: Oct Wed 25th 2006 5:25am
In a few days 1.5.0.8 will be released that will let you have the choice of either staying with 1.5 or Updating to 2.0 see http://forums.mozillazine.org/viewtopic.php?t=476975 ..."
- http://forums.mozillazine.org/viewtopic.php?t=477283
"What's fixed?
-Memory leaks
-Searching a page now searches within text fields
Questions...
-Does Firefox 2.0 still support Windows 98?
Yes. Firefox 3.0 is the release that is planned to drop support for Windows 98..."
Firefox Product Release Roadmap
- http://wiki.mozilla.org/ReleaseRoadmap
.
FYI...
- http://www.infoworld.com/article/06/...ofixbug_1.html
November 02, 2006
"A second minor bug found in the Firefox 2.0 Web browser will be fixed, but users shouldn't encounter much of a problem in the mean time, a Mozilla official said Thursday. The browser will crash if it visits a Web page that been intentionally coded with JavaScript in such a way as to target the bug, said Tristan Nitot, director of European operations for Mozilla. "It's very unlikely that anyone would have put a similar page on any ordinary Web page," so users shouldn't be affected, Nitot said. The problem can't be used to steal data from a computer, he added. It's the second bug that's been found in Firefox 2.0 since its release on Oct. 24. The first bug also causes the browser to hang or crash when a very large document is loaded into an iframe -- an HTML (Hypertext Markup Language) element -- using JavaScript. The new bug will eventually be fixed. "We will fix it because we need reliability," Nitot said..."
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5633
Last revised: 11/2/2006
"...NOTE: the original Bugtraq post mentioned that code execution was possible, but followup analysis has shown that it is only a null dereference..."
:blink:
FYI...
> http://forums.spybot.info/showthread.php?p=58933
:spider:
FYI...
v2.0.0.2
- http://en-us.www.mozilla.com/en-US/firefox/all.html
v1.5.0.10
- http://en-us.www.mozilla.com/en-US/f...all-older.html
What's New
- http://www.mozilla.com/en-US/firefox.../releasenotes/
Security Updates
- http://www.mozilla.org/projects/secu...s.html#Firefox
MFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks
MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
MFSA 2007-05 XSS and local file access by opening blocked popups
MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
MFSA 2007-03 Information disclosure through cache collisions
MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)
("Auto-update/Check for update" are currently unavailable but will be soon.)
The "Check for updates" feature is now working (did mine minutes ago - YMMV):
While in the browser, go to >Help >Check for updates
...and that's about it! You're done!
:cool:
FYI...
- http://secunia.com/advisories/24205/
Release Date: 2007-02-24
Last Update: 2007-02-26
Critical: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
Where: From remote
Solution Status: Vendor Patch
Software: Mozilla Firefox 1.x, Mozilla Firefox 2.0.x ...
Solution: Update to version 2.0.0.2 or 1.5.0.10..."
v2.0.0.2
- http://en-us.www.mozilla.com/en-US/firefox/all.html
v1.5.0.10
- http://en-us.www.mozilla.com/en-US/f...all-older.html
:fear:
Opps... they "forgot" to include this one on their original list of "fixed" vulns:
Mozilla Foundation Security Advisory 2007-08
- http://www.mozilla.org/security/anno...sa2007-08.html
"Title: onUnload + document.write() memory corruption
Impact: Critical
Announced: February 25, 2007 ...
Fixed in:
Firefox 2.0.0.2
Firefox 1.5.0.10
SeaMonkey 1.0.8 ..."
(Also now listed here):
- http://www.mozilla.org/projects/secu...firefox2.0.0.2
:oops:
Another fix not previously listed:
Mozilla Foundation Security Advisory 2007-09
- http://www.mozilla.org/security/anno...sa2007-09.html
Title: Privilege escalation by setting img.src to javascript: URI
Impact: Critical
Announced: March 5, 2007 ...
Fixed in:
Firefox 2.0.0.2
Firefox 1.5.0.10
SeaMonkey 1.1.1
SeaMonkey 1.0.8
Description: ...The fix for MFSA 2006-72 in Firefox 1.5.0.9 and Firefox 2.0.0.1 introduced a regression that allows scripts from web content to execute arbitrary code by setting the src attribute of an IMG tag to a specially crafted javascript: URI. The same regression also caused javascript: URIs in IMG tags to be executed even if JavaScript execution was disabled in the global preferences... Thunderbird is not affected by this flaw as it will not execute javascript: URIs in IMG tags.
Workaround: Upgrade to a version containing the fix. Disabling JavaScript does not protect against this flaw..."
.
FYI...
"Check for Updates" (now available):
From an admin account, open the Firefox browser, go to >Help >Check for Updates ...
Download sites:
v2.0.0.3
- http://en-us.www.mozilla.com/en-US/firefox/all.html
v1.5.0.11
- http://en-us.www.mozilla.com/en-US/f...all-older.html
What's New
- http://www.mozilla.com/en-US/firefox.../releasenotes/
Description of Release
- http://wiki.mozilla.org/Firefox:1.5....ion_of_Release
"This release is to address several regressions that were discovered in the Firefox 2.0.0.2/1.5.0.10 release."
.
FYI...
- http://preview.tinyurl.com/2mfox3
May 29, 2007 (Computerworld) - "Mozilla Corp. will issue the last security update for its open-source Firefox 1.5 browser today (Wednesday). It will include an automatic update mechanism to give users the option of upgrading to the newer Firefox 2.0... Today's Firefox 1.5.0.12 will be the final security patch for the 18-month-old browser. Also due for delivery is Firefox 2.0.0.4... Firefox 2.0.0.4 will be posted here*, while Firefox 1.5.0.12 will be available from this page** of the Mozilla site. A list of the vulnerabilities*** patched by both updates will be posted sometime after 2.0.0.4 and 1.5.0.12 go live..."
* http://www.mozilla.com/en-US/firefox/all.html
** http://www.mozilla.com/en-US/firefox/all-older.html
*** http://www.mozilla.org/projects/secu...abilities.html
.
FYI - Firefox updates released...
Use "Check for Updates" from an Admin account (>Help >Check for Updates... )
-or-
Download v2.0.0.4:
- http://www.mozilla.com/en-US/firefox/all.html
Download v1.5.0.12:
- http://www.mozilla.com/en-US/firefox/all-older.html
Fixes:
- http://www.mozilla.org/projects/secu...s.html#Firefox
-------------------------------------------------------------------
Support for Mozilla Firefox 1.5 Extended Until Mid-May
- http://www.mozillazine.org/talkback.html?article=21543
April 24th, 2007
Release Schedule
> http://wiki.mozilla.org/Firefox:1.5....lease_Schedule
22 May 2007
.
FYI...
- http://blog.mozilla.com/webdev/
"June 30, 2007 - The download controller was modified on Thursday to prepare for the release of the 1.5.0.12 -> 2.0.0.4 major update..."
...which was made available Sunday 7.1.2007.
.
FYI...
- http://isc.sans.org/diary.html?storyid=3161
Last Updated: 2007-07-18 05:46:09 UTC - "Earlier today, Mozilla Firefox 2.0.0.5 was released which has a number of bug fixes including a couple of privacy related bugs and a few security related ones. Mozilla's Forum* show many of the details of these fixes for those that would like to peruse until the release notes** are updated. You can download the newest version from mozilla.com or through its automated update facility."
* http://forums.mozillazine.org/viewto...cc87b842eccaae
Fixed in Firefox 2.0.0.5
** http://www.mozilla.org/projects/secu...firefox2.0.0.5
Download:
> http://www.mozilla.com/en-US/firefox/all.html
------------------------------
- http://secunia.com/advisories/26095/
Release Date: 2007-07-18
Critical: Highly critical
Impact: Cross Site Scripting, Spoofing, DoS, System access
Where: From remote
Solution Status: Vendor Patch...
Solution: Update to version 2.0.0.5...
- http://secunia.com/advisories/25984/
.
> http://www.mozilla.org/security/anno...sa2007-23.html
"...Note: Other Windows applications can be called in this way and also manipulated to execute malicious code. This fix only prevents Firefox and Thunderbird from accepting bad data. This patch does not fix the vulnerability in Internet Explorer."
------------------------------
- http://www.us-cert.gov/current/#mult...ozilla_firefox
July 18, 2007
:fear:
FYI...
- http://preview.tinyurl.com/ytjep2
July 18, 2007 - (Mozilla Security Blog) - "Firefox 2.0.0.5 is now available and there is a fix for the URL protocol handling issue... We warned that other Windows applications may be vulnerable to this Internet Explorer issue, and on Sunday Nate Mcfeters, Billy Rios, and Raghav Dube posted a proof of concept that demonstrates the same attack through Internet Explorer to execute code in Trillian. Additionally, Thor Larholm says*..."
* http://larholm.com/2007/07/18/firefo...explorer-flaw/
July 18, 2007 - "... I can still automatically launch a wide range of external applications from Internet Explorer and provide them with arbitrary command line arguments. AcroRd32.exe (Adobe Acrobat PDF Reader), aim.exe (AOL Instant Messenger), Outlook.exe, msimn.exe (Outlook Express), netmeeting.exe, HelpCtr.exe (Windows Help Center), mirc.exe, Skype.exe, wab.exe (Windows Address Book) and wmplayer.exe (Windows Media Player) - just to name a few. I can categorically deny that this flaw has been fixed in Internet Explorer. Nicolas Robillard even detailed this flaw back in 2004 and it has remained unpatched since long before then..."
.
FYI...
Firefox v2.0.0.6 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download:
> http://www.mozilla.com/firefox/all.html
Release Notes
> http://www.mozilla.com/en-US/firefox.../releasenotes/
Release Date: July 30, 2007
-------------------------------
- http://blog.mozilla.com/security/200...now-available/
30 July 2007 - "We’ve just released Firefox 2.0.0.6... The patch enables percent-encoding for spaces and double-quotes in URIs handed off to external programs. This reduces the risk of malicious data being passed through Firefox to another application that may then trigger unexpected and potentially dangerous behavior..."
.
Thanks for the heads-up.
Silj
FYI...
Firefox v2.0.0.7 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download:
> http://www.mozilla.com/firefox/all.html
Release Notes
> http://www.mozilla.com/en-US/firefox.../releasenotes/
Release Date: September 18, 2007
.
FYI...
Firefox v2.0.0.8 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download:
> http://www.mozilla.com/firefox/all.html
Release Notes
> http://www.mozilla.com/en-US/firefox.../releasenotes/
Release Date: October 18, 2007
- http://secunia.com/advisories/27311
Release Date: 2007-10-19
Critical: Highly critical
Impact: Spoofing, Manipulation of data, Exposure of sensitive information, DoS, System access...
Solution: Update to version 2.0.0.8.
:fear:
FYI...
- http://developer.mozilla.org/devnews...to-be-updated/
October 22nd, 2007 at 9:47 pm - "...The 2.0.0.8 release fixed some 200 issues, but accidentally regressed a few things. Most users won’t see any difference or experience any problems, and those 200 fixes make the 2.0.0.8 update very valuable, but you should never have to choose functionality over security. So we’re working fast to understand and fix these problems, and will shortly be issuing a 2.0.0.9 update to address them..."
:oops:
Thanks for the FYI Jack :bigthumb:
Silj
HI,
its cool, conveying such information is a good professional service, Keep up the good work!
FYI...
Firefox v2.0.0.9 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download:
- http://www.mozilla.com/firefox/all.html
Release notes:
- http://www.mozilla.com/en-US/firefox.../releasenotes/
.
FYI...
Firefox v2.0.0.10 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download:
- http://www.mozilla.com/firefox/all.html
Fixed in Firefox 2.0.0.10:
- http://www.mozilla.org/projects/secu...irefox2.0.0.10
.
FYI...
Firefox v2.0.0.11 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download:
- http://www.mozilla.com/firefox/all.html
What's New in Firefox 2.0.0.11
- http://www.mozilla.com/en-US/firefox.../releasenotes/
Release Date:
November 30, 2007
Stability Update:
This release corrects a compatibility issue with some websites and extensions discovered in Firefox 2.0.0.10.
Two bugs fixed in 2.0.0.11:
- http://preview.tinyurl.com/3djrk3
:eek:
FYI...
Firefox v2.0.0.12 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download: http://www.mozilla.com/firefox/all.html
What's New in Firefox 2.0.0.12
- http://www.mozilla.org/projects/secu...irefox2.0.0.12
Release Date: February 7, 2008
-------------------------------
- http://secunia.com/advisories/28758/
Release Date: 2008-02-08
Critical: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information,
DoS, System access
Where: From remote...
Solution: Update to version 2.0.0.12.
-------------------------------
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0419
Last revised: 2/11/2008 - "...Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via a crafted page that uses designMode frames, which triggers memory corruption...
Impact: ...CVSS v2 Base score: 10.0 (High)..."
> http://www.mozilla.org/security/anno...sa2008-06.html
Fixed in: Firefox 2.0.0.12, SeaMonkey 1.1.8...
> http://www.mozilla.org/download.html
:fear:
FYI...
Firefox v2.0.0.13 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download
- http://www.mozilla.com/firefox/
What's new:
- http://www.mozilla.com/en-US/firefox.../releasenotes/
- http://www.mozilla.org/projects/secu...s.html#Firefox
- http://secunia.com/advisories/29526/
Release Date: 2008-03-26
Critical: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
Where: From remote
Solution Status: Vendor Patch...
Solution: Update to version 2.0.0.13...
:fear:
FYI...
Firefox v2.0.0.14 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download
- http://www.mozilla.com/firefox/
What's new:
- http://www.mozilla.com/en-US/firefox.../releasenotes/
April 16, 2008
- http://www.mozilla.org/projects/secu...irefox2.0.0.14
- http://secunia.com/advisories/29787/
Release Date: 2008-04-17
Critical: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch...
Solution: Update to version 2.0.0.14.
:fear:
Hi. Not so long ago, Firefox came highly recommended by a friend and writer who switched from IE to Firefox with great results and resolve to numerous complaints.
This morning, I am so happy about installing Firefox, which I use at local public libraries and really like.
Unless this is not recommended, I am considering downloading Bugzilla, for added security.
Just want to thank you.
Rhonda
"When learning, there are no dull moments so long as there is interest, resource, and effort there is potential for growth and progress. Thanks for your help and contribution to this humble learning process which somehow blesses my life with a feeling of purpose."
FYI...
Firefox v3.0 released
- http://www.mozilla.com/firefox/
Release notes:
- http://www.mozilla.com/firefox/3.0/releasenotes/
Download:
- http://www.mozilla.com/firefox/all.html
(over 45 languages)
---
Suggested reading prior to install:
Release notes / Known Issues:
- http://www.mozilla.com/firefox/3.0/releasenotes/
(Includes)...known problems with Firefox 3...
FYI...
Firefox vuln - unpatched
- http://secunia.com/advisories/30761/
Release Date: 2008-06-19
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Mozilla Firefox 2.0.x, Mozilla Firefox 3.x...
The vulnerability is reported in versions 3.0 and 2.0.x. Other versions may also be affected.
Solution: Do not follow untrusted links nor browse untrusted web sites...
Original Advisory:
http://dvlabs.tippingpoint.com/blog/...lla-firefox-30
"...Not unlike most browser based vulnerabilities that we see these days, user interaction is required such as clicking on a link in email or visiting a malicious web page. While Mozilla is working on a fix, we wont be divulging anything else until a patch is available..."
- http://blog.mozilla.com/security/200...investigation/
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2786
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2785
:fear:
- http://preview.tinyurl.com/47o8yg
June 26, 2008 (arstechnica.com) - "...Mozilla told us that they have not finalized the schedule for when Firefox 3 will be made available to Firefox 2 users through the update channel, but they suspect that it will happen within the next two or three months..."
FYI...
Firefox v2.0.0.15 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download
- http://www.mozilla.com/en-US/firefox/all-older.html
What's New in Firefox 2.0.0.15:
- http://www.mozilla.com/en-US/firefox.../releasenotes/
July 1, 2008
- http://www.mozilla.org/projects/secu...s.html#Firefox
- http://secunia.com/advisories/30911/
Last Update: 2008-07-03
Critical: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of system information,
Exposure of sensitive information, DoS, System access
Where: From remote
Solution Status: Vendor Patch...
Solution: Update to version 2.0.0.15...
:fear:
FYI...
Firefox v2.0.0.16 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download
- http://www.mozilla.com/en-US/firefox/all-older.html
What's New in Firefox 2.0.0.16:
- http://www.mozilla.com/en-US/firefox.../releasenotes/
July 15, 2008
- http://www.mozilla.org/security/know...firefox20.html
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2785
CVSS v2 Base score: 9.3 (High)
- http://cve.mitre.org/cgi-bin/cvename...=CVE-2008-2933
:fear:
FYI...
Firefox v3.0.1 released
- http://www.mozilla.com/firefox/
July 16, 2008
Upgrading Firefox
- http://support.mozilla.com/en-US/kb/Upgrading+Firefox
"To manually check for a Firefox update, click the Help menu at the top of the Firefox window, and select Check for Updates..."
If "Check for Updates is disabled", see:
- http://support.mozilla.com/en-US/kb/...es+is+disabled
Security Advisories
- http://www.mozilla.org/security/know...l#firefox3.0.1
Known Issues
- http://www.mozilla.com/en-US/firefox.../releasenotes/
Fixes in v3.0.1:
- http://www.mozilla.org/security/anno...sa2008-34.html
- http://www.mozilla.org/security/anno...sa2008-35.html
- http://www.mozilla.org/security/anno...sa2008-36.html
- http://secunia.com/advisories/31106/
Last Update: 2008-07-17
Critical: Highly critical
Impact: Security Bypass, Spoofing, System access
Where: From remote
...The vulnerabilities are reported in versions prior to 3.0.1.
Solution: Update to version 3.0.1 ...
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2785
CVSS v2 Base score: 9.3 (High)
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2933
:fear:
FYI...
Firefox v3.0.2 released
- http://www.mozilla.com/firefox/
Upgrading Firefox
- http://support.mozilla.com/en-US/kb/Upgrading+Firefox
"To manually check for a Firefox update, click the Help menu at the top of the Firefox window, and select Check for Updates..."
If "Check for Updates is disabled", see:
- http://support.mozilla.com/en-US/kb/...es+is+disabled
Security Advisories
- http://www.mozilla.org/security/know...l#firefox3.0.2
Known Issues
- http://www.mozilla.com/en-US/firefox.../releasenotes/
---
Firefox v2.0.0.17 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download
- http://www.mozilla.com/en-US/firefox/all-older.html
What's New in Firefox 2.0.0.17:
- http://www.mozilla.com/en-US/firefox.../releasenotes/
September 23, 2008
- http://www.mozilla.org/security/know...irefox2.0.0.17
---
FF3: http://secunia.com/advisories/32011/
Software: Mozilla Firefox 3.x
CVE reference:
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-3837
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4058
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4060
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4061
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4062
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4063
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4064
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4065
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4067
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4068
FF2: http://secunia.com/advisories/31984/
Software: Mozilla Firefox 2.0.x
CVE reference:
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-0016
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-3835
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-3836
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-3837
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4058
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4059
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4060
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4061
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4062
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4065
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4066
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4067
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4068
http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-4069
.
FYI...
Firefox v3.0.3 released
- http://en-us.www.mozilla.com/firefox.../releasenotes/
September 26, 2008 - "Fixed a problem where users were unable to retrieve saved passwords or save new passwords (bug 454708*)"
* https://bugzilla.mozilla.org/show_bug.cgi?id=454708
- http://www.mozilla.com/firefox/all.html
:rolleyes:
FYI...
Firefox v3.0.4 - v2.0.0.18 released
From an admin account, start Firefox, then >Help >Check for Updates
-or-
Download Firefox v3.0.4
- http://www.mozilla.com/firefox/all.html
Download Firefox v2.0.0.18
- http://www.mozilla.com/firefox/all-older.html
Release Notes
- http://www.mozilla.com/firefox/3.0.4/releasenotes/
Also see "Known Issues..." for v3: All Systems - 9 items, Microsoft Windows - 2...
Security issues
- http://www.mozilla.org/security/know...l#firefox3.0.4
___
Firefox 3
- http://secunia.com/advisories/32713/
Release Date: 2008-11-13
Critical: Highly critical...
Firefox 2
- http://secunia.com/advisories/32693/
Release Date: 2008-11-13
Critical: Highly critical...
FYI...
Firefox v2.0.0.19...
- https://wiki.mozilla.org/WeeklyUpdat...F_Major_Update
2008-12-01 - "...Firefox 2.0.0.19 / 3.0.5 / Major Update...
• On track for December 16 release (possible day slip for major update)
• Firefox 2.0.0.19 will be the last release of Firefox 2 and will not include Phishing Protection..."
- http://news.cnet.com/8301-1009_3-10115852-83.html
December 5, 2008 - "...Google asked Mozilla to disable the feature in Firefox 2.0.0.19 that warns users of sites suspected of hosting identity fraud scams because the older browsers rely on an outdated SafeBrowsing protocol that Google is not supporting anymore..."
:fear:
FYI...
Firefox v3.0.5 released
- http://www.mozilla.com/firefox/
Dec. 16, 2008
Release Notes
- http://www.mozilla.com/firefox/3.0.5/releasenotes/
Security Advisories
- http://www.mozilla.org/security/know...l#firefox3.0.5
Fixed in Firefox 3.0.5
MFSA 2008-69 XSS vulnerabilities in SessionStore
MFSA 2008-68 XSS and JavaScript privilege escalation
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
MFSA 2008-65 Cross-domain data theft via script redirect error message
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-63 User tracking via XUL persist attribute
MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)
___
Firefox v2.0.0.19 released
- http://www.mozilla.com/en-US/firefox/all-older.html
- http://www.mozilla.com/en-US/firefox.../releasenotes/
Note: This is the last planned release of Firefox 2. All users are encouraged to upgrade to Firefox 3.
Firefox 2.0.0.19 does -not- include Phishing Protection.
___
- http://secunia.com/advisories/33203/
- http://secunia.com/advisories/33184/
:fear: