FYI...
- http://www.mozilla.com/firefox/
Release Notes:
- http://www.mozilla.com/firefox/2.0/releasenotes/
Features:
- http://www.mozilla.com/firefox/features.html
FYI...
- http://www.mozilla.com/firefox/
Release Notes:
- http://www.mozilla.com/firefox/2.0/releasenotes/
Features:
- http://www.mozilla.com/firefox/features.html
Last edited by AplusWebMaster; 2006-10-25 at 02:44. Reason: "Features" link added...
The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
"Will v.1.5.0.7 update itself to v.2":
- http://forums.mozillazine.org/viewtopic.php?t=478805
Posted: Oct Wed 25th 2006 5:16am
...I am still with 1.5.0.7 and I want to ask you If it will update itself to version 2 or I have to download it?
Posted: Oct Wed 25th 2006 5:25am
In a few days 1.5.0.8 will be released that will let you have the choice of either staying with 1.5 or Updating to 2.0 see http://forums.mozillazine.org/viewtopic.php?t=476975 ..."
- http://forums.mozillazine.org/viewtopic.php?t=477283
"What's fixed?
-Memory leaks
-Searching a page now searches within text fields
Questions...
-Does Firefox 2.0 still support Windows 98?
Yes. Firefox 3.0 is the release that is planned to drop support for Windows 98..."
Firefox Product Release Roadmap
- http://wiki.mozilla.org/ReleaseRoadmap
.
Last edited by AplusWebMaster; 2006-10-25 at 18:20. Reason: Added Firefox release roadmap...
The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
FYI...
- http://www.infoworld.com/article/06/...ofixbug_1.html
November 02, 2006
"A second minor bug found in the Firefox 2.0 Web browser will be fixed, but users shouldn't encounter much of a problem in the mean time, a Mozilla official said Thursday. The browser will crash if it visits a Web page that been intentionally coded with JavaScript in such a way as to target the bug, said Tristan Nitot, director of European operations for Mozilla. "It's very unlikely that anyone would have put a similar page on any ordinary Web page," so users shouldn't be affected, Nitot said. The problem can't be used to steal data from a computer, he added. It's the second bug that's been found in Firefox 2.0 since its release on Oct. 24. The first bug also causes the browser to hang or crash when a very large document is loaded into an iframe -- an HTML (Hypertext Markup Language) element -- using JavaScript. The new bug will eventually be fixed. "We will fix it because we need reliability," Nitot said..."
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5633
Last revised: 11/2/2006
"...NOTE: the original Bugtraq post mentioned that code execution was possible, but followup analysis has shown that it is only a null dereference..."
Last edited by AplusWebMaster; 2006-11-02 at 21:43. Reason: Added CVE reference...
The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
FYI...
v2.0.0.2
- http://en-us.www.mozilla.com/en-US/firefox/all.html
v1.5.0.10
- http://en-us.www.mozilla.com/en-US/f...all-older.html
What's New
- http://www.mozilla.com/en-US/firefox.../releasenotes/
Security Updates
- http://www.mozilla.org/projects/secu...s.html#Firefox
MFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks
MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
MFSA 2007-05 XSS and local file access by opening blocked popups
MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
MFSA 2007-03 Information disclosure through cache collisions
MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)
("Auto-update/Check for update" are currently unavailable but will be soon.)
The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
The "Check for updates" feature is now working (did mine minutes ago - YMMV):
While in the browser, go to >Help >Check for updates
...and that's about it! You're done!
The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
FYI...
- http://secunia.com/advisories/24205/
Release Date: 2007-02-24
Last Update: 2007-02-26
Critical: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
Where: From remote
Solution Status: Vendor Patch
Software: Mozilla Firefox 1.x, Mozilla Firefox 2.0.x ...
Solution: Update to version 2.0.0.2 or 1.5.0.10..."
v2.0.0.2
- http://en-us.www.mozilla.com/en-US/firefox/all.html
v1.5.0.10
- http://en-us.www.mozilla.com/en-US/f...all-older.html
The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
Opps... they "forgot" to include this one on their original list of "fixed" vulns:
Mozilla Foundation Security Advisory 2007-08
- http://www.mozilla.org/security/anno...sa2007-08.html
"Title: onUnload + document.write() memory corruption
Impact: Critical
Announced: February 25, 2007 ...
Fixed in:
Firefox 2.0.0.2
Firefox 1.5.0.10
SeaMonkey 1.0.8 ..."
(Also now listed here):
- http://www.mozilla.org/projects/secu...firefox2.0.0.2
The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
Another fix not previously listed:
Mozilla Foundation Security Advisory 2007-09
- http://www.mozilla.org/security/anno...sa2007-09.html
Title: Privilege escalation by setting img.src to javascript: URI
Impact: Critical
Announced: March 5, 2007 ...
Fixed in:
Firefox 2.0.0.2
Firefox 1.5.0.10
SeaMonkey 1.1.1
SeaMonkey 1.0.8
Description: ...The fix for MFSA 2006-72 in Firefox 1.5.0.9 and Firefox 2.0.0.1 introduced a regression that allows scripts from web content to execute arbitrary code by setting the src attribute of an IMG tag to a specially crafted javascript: URI. The same regression also caused javascript: URIs in IMG tags to be executed even if JavaScript execution was disabled in the global preferences... Thunderbird is not affected by this flaw as it will not execute javascript: URIs in IMG tags.
Workaround: Upgrade to a version containing the fix. Disabling JavaScript does not protect against this flaw..."
.
The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
FYI...
"Check for Updates" (now available):
From an admin account, open the Firefox browser, go to >Help >Check for Updates ...
Download sites:
v2.0.0.3
- http://en-us.www.mozilla.com/en-US/firefox/all.html
v1.5.0.11
- http://en-us.www.mozilla.com/en-US/f...all-older.html
What's New
- http://www.mozilla.com/en-US/firefox.../releasenotes/
Description of Release
- http://wiki.mozilla.org/Firefox:1.5....ion_of_Release
"This release is to address several regressions that were discovered in the Firefox 2.0.0.2/1.5.0.10 release."
.
Last edited by AplusWebMaster; 2007-03-21 at 02:25.
The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.