Slashdot Mirror


Security-Updated Versions Of Mozilla Released

petabyte writes "As mentioned in this Mozillazine article, there are new versions of the Mozilla Suite (1.7.2), Mozilla Firefox (0.9.3) and Mozilla Thunderbird (0.7.3) available. They address 4 security bugs (linked from the Mozillazine article). Unlike Firefox 0.9.2, these can't be fixed with just a XPI upgrade, so you'll have to download a new binary and install."

5 of 375 comments (clear)

  1. Grumble Grumble by (54)T-Dub · · Score: 5, Insightful

    I'm getting tired of the whole uninstall, delete, re-install, get plugins, import bookmars, set settings, get skins (optional) routine. I wish they would hurry up and fix the installer so that I could simply update the browser and save all my stuff.

    --

    "I can not bring myself to believe that if knowledge presents danger, the solution is ignorance" - Isaac Asimov
    1. Re:Grumble Grumble by (54)T-Dub · · Score: 5, Insightful
      While I do understand why you would want a better installer, that isn't the central point of a [insert any piece of software here].
      And now we come to the basic problem with the attitude behind Open Source development. If we ever want to get open source out of the geek world we need to be able to get this idea out of our heads. A simple installation is important. Someone should not need years of experience to install an OS smoothly. And any computer novice should be able to upgrade their software with the click of the mouse (maybe 2). I'm not saying we need to dumb it down, just put in a little bit more attention to ease of use/install/upgrade.
      --

      "I can not bring myself to believe that if knowledge presents danger, the solution is ignorance" - Isaac Asimov
  2. Re:Mod parent up. by (54)T-Dub · · Score: 5, Insightful

    Here here. And their "handy" little update notification in the lower right corner has never worked for me. It is constantly telling me that I have to upgrade to version 0.9.1 (which I'm running). Even now it still says the same freaking thing.

    Don't get me wrong, I love Mozilla and open source. But it's those little things that developers hate coding that get to me sometimes. Don't even get me started on a Linux install.

    --

    "I can not bring myself to believe that if knowledge presents danger, the solution is ignorance" - Isaac Asimov
  3. Re:The four vulnerabilities... by black+mariah · · Score: 5, Insightful

    Are you fucking stupid? Every fucking one of those is EASILY an exploit, not of code but of the user.

    Fake certificates help in all sorts of scams. Spyware, eBay scams, whatever. "Oh, this is signed by Macromedia. It must be safe!"

    Fake extensions. We've all seen the results of simply adding a .jpg before a .exe, and how much shit does MS take for THAT one? Like it's their fault that people are fucking stupid enough to double click on 0wnyourcomputer.jpg.exe. Faked extensions are worse, because they don't even have the fucking .exe at the end.

    Lock icon spoofable. So you go to a site you THINK is secured, but it turns out it isn't. Happy funtime on your credit card!

    Not all exploits are code-based, not all exploits are related to software.

    --
    'Standards' in computing only impress those who are impressed by things like 'standards'.
  4. Reality check, please. by Lexomatic · · Score: 5, Insightful
    Firefox is still pre-version 1.0 at the moment, so people should be expecting these sort of updates.

    Prior to 0.9, Firefox was only being updated ever few weeks, with each release holding many fixes since the last release. I think the increase in releases has mainly been due to the fact that in the last month or so the user base of Firefox has gone up dramatically.

    I am sure this has put a lot more stress on the Firefox dev team because now people are starting to rely on their browser to be as good as IE and with whole organisations now looking at using Firefox over IE, the pressure must really be on to make sure it lives up to expectations.

    Once Firefox hits version 1.0, people will get real shitty if it has bugs and security flaws, so the more they fix during 0.9.+ the better. Until then, I am happy to keep downloading it, daily if needed.