Slashdot Mirror
Firefox Update Kills Bugs, Adds Mac Support
Juha-Matti Laurio writes "Several vulnerabilities are fixed in version Firefox 1.5.0.2, which was released on Thursday. In addition to security patches Firefox now includes some stability enhancements and, as expected, includes native support for Apple Computer's Macs with Intel processors. Secunia has a detailed advisory about vulnerabilities fixed with this release."
This time around, almost all extension and theme authors got the version dependency right, so unlike after the previous update, your extensions and themes won't be disabled. It's a security update, so do install it.
haha, no, seriously.. i'm joking
..*ducks*
Peace, Love, Unity, Respect
From Burning Edge:5 .0.2.html
http://www.squarefree.com/burningedge/releases/1.
I love the browser but the memory leaks are the biggest problem IMHO. I have faith that it will be fixed eventually, but it still gets irritating after extensive browsing.
Stay tuned for new sig...
- Memory leaks
- 321283 - Using Find causes documents to leak.
- 323532 - Leak when using history autocomplete.
- 323377 - Lots of leaks in nsInternetSearchService.
Numerous times would I come home to see Firefox using over a gig of memory and eating up about 40% of my proc cycles. A quick quit/restart of the app would fix it, but still -- I regularly close tabs and don't develop long histories on multiple open tabs, so it didn't make any sense.I just hope that those leaks are the ones I was actually experiencing...
Sweet baby Jesus, it fixes 21 separate issues *all of which can be used to execute arbitrary code*! Did they have time to fix any vulnerabilities which were only "somewhat critical"?
SeaMonkey was updated to version 1.0.1 for security reasons too
s /
http://www.mozilla.org/projects/seamonkey/release
no problems here with memory leaks using the build from mozilla's ftp, (installed on slackware-10.2)
Politics is Treachery, Religion is Brainwashing
Isn't the memory 'leak' just the caching of pages, that you can disable by typing about:config in the title bar, and change "browser.sessionhistory.max_entries" to a lower value? Firefox keeps the last few pages in memory to increase speed when you browse to a previously used page.
which is totally what she said
Something that other tabbed browsers (Safari, Opera, IE7) can do just as fast, or faster, without the caching.
The original poster might want to read this: Firefox "Memory Leak" is a Feature
Could you be a little more descriptive of the memory leak problems that your experiencing?
What platform are you on?
What version of Firefox are you running?
What extensions to you have enabled?
What types of things are you doing when you notice the memory increasing?
Are you legitimately using more memory or is it actually a leak?
C'mon, man, give us something useful.
*sigh* back to work...
Just to clarify, Firefox has long had Mac support. This distribution adds Universal Binary support so that Firefox is now native for Intel Macs.
I have found most of the memory leak issues are when using Java applets. Oh, and parsing a 35Mb XML file, memory usaged soared to over 1.5 GB and kept climbing.
It's nice to see that the update notifier now prompts you with options. I would rather this approach than the previous way of updating at startup without any warning or choice.
- Andrew
I meta-moderate because I care.
Every so often I quit firefox and restart it, mostly when I need to restart because the host OS forces me to (Windows XP is a drag sometimes).
Fact is, firefox works pretty well considering what I throw at it. If it doesn't work as well for you, something else is wrong. I have a 512MB laptop. Firefox is rock-solid stable for me. I run adblock, flashblock, google web accelerator, bugmenot, nukeanything, and a couple other minor extensions.
it's a blue bright blue Saturday hey hey
But the good news is, that about:config trick where you minimize your window, then maximize it again still works.
Anyone who has used both extensively have an opinion on the comparison?
Don't blame me; I'm never given mod points.
It did it again.
I have firefox set to inform me that theres an update.
In my eyes that update check should only occur when I open a window, NOT when I'm in the middle of typing.
I saw a flash of something whilst I was typing and realised I had inadvertantly accepted a popup box.
I want to set Firefox to inform me of updates, but make sure it only does that when opening a new window or tab (so it knows I'm not actively typing).
liqbase
Mozilla/Firefox still ignores the ALIGN attribute within a COLGROUP element:
<colgroup align="center">
This is a longstanding bug yet to be fixed.
I was just saying what I saw in an article here - someone replied to me with a link to the story.
Other browsers which have the same feature seem to mysteriously now be horrible memory hogs
Well there you go then - what's so 'mysterious' that keeping the last 50 (50 was the default on my session history) browsed pages in RAM? I am not denying that it could have other memory leaks, but I have never looked into the matter, and have no issues with FireFox myself..
which is totally what she said
Who cares? If I close 20 of them and open 40 more, it's still not a problem. I have to quit every few days anyway, or if I decide to install a new extension, and sessionsaver makes that painless. I have never seen firefox consume more than 400MB and that's with heavy, heavy use with maybe 100 tabs open. Opera does better, and I use it too (simultaneously), but still, it's not a problem.
it's a blue bright blue Saturday hey hey
Yeah. The noscript extension is very nice. I'll miss that if I downgrade. Actually, I hadn't considered Camino. But upon looking at the site, it appears to be a version downgrade with built-in spellcheck and ad-block. Which, if I'm already considering a downgrade to 1.0.x, I might as well try that out too. Thanks for the suggestion.
Ah. I see. You're here to help me learn what is a "real" browser and what is not by linking to a commercial product. You are a walking advertisement with an anchor tag. Most helpful.
It may have to do with the presumption of the developers that folks smart enough not to use the default IE in windows are so smart they don't need a spell check. The fact it was in 1.0.x was an oversight.
Hmmmm, I could use autocorrect for typing my own last name in more than just Word. Put the accent marks in automagically.
The world is made by those who show up for the job.
Why? Look's like you spell fine to me, aside from "actaully."
It's poetry with a beat behind it! And guns! They're like beatniks with automatic weapons.
if it doesn't work as well for you, something else is wrong.
/. Gmail, Milk&Cookies). I changed the setting in about.config weeks ago.
Just because it works fine on one machine is no guarantee that it will work just as well on other machines.
I'm up to 80 megs used with only 4 tabs open (CNN
Firefox doesn't release memory like it should. It jumped from 50 to 75 when I opened a new window to view a QuickTime movie, when I closed it the memory wasn't release. If I watch a wmv file it will routinely jumped in to the high 90's low 100's. I opened the same pages with IE and when I close the window with the QuickTime movie the memory jumps back down.
500 dollar reward for tip(s) leading to the arrest of the person(s) who stole my sig.
Be careful with this line of reasoning. All along there's been this mantra of "Firefox is inherently more secure, and would be even if it were the dominant browser" spouted continuously. Well, I happen think the GP makes a great point about this, and your reasoning seems to fly in the face of the mantra. Don't get me wrong--I'm one of these said spouters--but I'm honestly feeling more than a bit hypocritical at this moment. These are some damn serious issues, and it's not just a handful.
Now, I suspect the reason for this is that the Firefox community as a whole (users and developers) are far more pre-disposed to actually finding and publicly disclosing such bugs. My guess is that we really only see the tip of the IE iceberg in terms of security.
However, we still can't have it both ways; these are indeed very critical bugs, and to dismiss them otherwise may seem beneficial, but it's actually a great disservice.
When you close those 60 tabs, firefox should free the memory. It doesn't.
Who cares?
Seeing as that memory is now lost and unusable you **should** care. It is a sign of sloppy design anyways and the other two (Opera and IE) don't seem to have problems with memory leaks...
I'm not to serious into the Firefox vs. IE vs Opera debate. What i do know is i like tabs (in browsing, in chats, etc) and I like firefox because of the fact that when going to sites with code that installs USUALLY you get a nice popup saying "Do you want to save or open this file". When you are playing with Acess, MS project server, Slashdot etc, you don't alway have the attention to make sure you pages aren't installing programs for you. In my opinion the great test will be if this new version doesn't crash so often when i Use it to view MS project using IE tabs.
If the release includes changes other than security fixes, wouldn't it be better to call it 1.5.1? In fact, Firefox 1.0.8 has been released too, and it increments the third rather than the fourth number for similar changes. Maybe Firefox developers want to convince users that the changes from 1.5 are really tiny? But it's not true, judging by the release notes.
Yes, we all know. The developers say that the memory cache explains the leaks.
THEY ARE LIEING.
Everyone needs to understand that. They are lieing.
Opera has a far superior memory cache feature for going forward and backward. Yet it doesn't leak up to 1GB of memory in a day's worth of use.
The Firefox memory leaks are a BUG, and not caused by any feature (other than poor memory management). They're caused by poor design and sloppy coding, period.
The new release could have patched a hole that would have otherwise let the browser rape you in your sleep. Note the headline, when it's Firefox it reads "kills bugs". You'll never see that with an IE patch headline.
I'm sure "SlashdotMedia" will improve on all the wonders that Dice Holdings blessed us all with
Does anyone know of any SSE2 etc. optimized builds available? The Mozilla forums seem to have died.
I use Firefox 1.5 at work. The only extentions I currently have on it is GMail Notifier, and IE View. On average, it will crash twice a day, and before then, become rather unstable. (Can't change tabs, freeze when accessing pages.) Some sites also trigger this behavior. (BoardGameGeek comes to mind.)
Opera, which I use at home, seems to work a bit better, tho every couple of weeks it will crap out on me. At least there, Opera will recover from that and I can still look at what I was looking at.
Funny thing is, as much as IE gets bashed, it is pretty much a model of stability in comparison to the competition.
Here's the URL I got it from:
reclaim leaked memory
In case this poor bastard's site gets Slashdotted, here's the trick:
1. Open Firefox and go to the Address Bar. Type in about:config and then press Enter.
2. Right Click in the page and select New -> Boolean.
3. In the box that pops up enter config.trim_on_minimize. Press Enter.
4. Now select True and then press Enter.
5. Restart Firefox.
Once you've restarted, and been using FF awhile, minimize it, then bring it back, and the system (under Windows, anyway) will have reclaimed leaked memory (often LOTS of it). A new notice on that page says this works with Thunderbird, too, so I'll have to try that when I get to work.
"If I close a tab of which I had a large browsing history associated with it, I would expect all the pages associated with it to be destroyed too. Obviously not."
I wouldnt expect that, since there is an apparent feature that FF keeps a certain number of previously visited pages in memory, regardless of which tab they were viewed in. If you expect it not to save the pages, then set the cache to store 0 pages.
which is totally what she said
Firefox is reported to pass the ACID2 test as well. Though it's just a development branch and there's still a load of work to do, it's nice to see they are finally getting to the finish.
This is the one that I was looking for (Yahoo! Mail Beta randomly crashes, causing the loss of whatever email is being written)
8 3
https://bugzilla.mozilla.org/show_bug.cgi?id=3226
-=Lothsahn=-
Set browser.sessionhistory.max_total_viewers to 0 and see if that helps. If it does, then
you're not dealing with a memory leak (or at least, not an accidental one...they put this
in there on purpose).
I'm running 1.5.0.1 on gentoo linux (no gnome or kde) and experience no memory leak. I often
leave it running for days and, while my memory footprint varies with usage, it doesn't appear
to be behaving baddly (memory usage always approaches a base level after I finish most of my
browsing).
*sigh* back to work...
But...but...but
XML and Java APPLETS are teh BESTEST thing ever!! How could they possibly cause problems? They are the glue of the internet! Fast, efficient guarenteed to work everywhere and anywhare!!!!
Heretic!
I wasn't too interetest either - so I donated to /.
...if Firefox hadn't updated itself before I got to read the article.
-g.
That's 10% of what market--all Internet-connected computers on the planet? I think not. It's only 10% of some arguably small subset of all possible users. I've seen many logs of consumer retail sites showing Firefox represents more like 3% of the market (8% if you include Mozilla/SeaMonkey plus Netscape). And I'd further hypothesize that the Firefox users are biased, due to self-selection, to be more security aware and more likely to run other defensive utilities. Even it it were 10%, it's not even close to IE. Recall the days long ago when all the trade rags were saying Macs would never become dominant because software developers would always prefer to target 90% of users (on Windows), not the 10% on Macs. Well, advances in cross-platform development have helped, but indeed Macs are still (a dozen years later) nowhere near being dominant.
I don't know anyone whose computer is full of spyware because they use FF, but almost everyone I know who regularly uses IE complains how slow their computer is, and I look at their browser and there are 3 search bars that they have no idea where they came from or how to uninstall them.
Your anecdote, weak as it might be, actually supports my arguments, both above and in my GP post. You are jumping to the conclusion that a causal relationship exists, whereas I disagree. I'm much more inclined to say this is true only because the Firefox users represent a significantly different subset of all users, who are more aware of the security risks/benefits.
The reality is, FF discloses a vulnerability that ~could~ be exploited, then promptly fixes it, while IE doesn't disclose serious vulnerabilities that ~ARE~ being exploited and ~doesn't~ fix them. There are still ultra-critical IE exploits that have been in the wild for over a year, still resulting in drive-by installations, for which there still isn't a patch.
I agreed with this point already in my GP posting.
I feel and ~am~ much safer using FF and will continue to do so. All you have to look at is the reality, I've NEVER had a single piece of spyware installed since using FF (3 or 4 years). The same could not be said when I used IE, and cannot be said of friends that insist on still using IE.
Once again, beware of drawing such conclusions from the somewhat limited set of data you have. By all means continue to use Firefox and feel (and indeed become and stay in general) safer. But please note that this still does not mitigate the security implications of the existence of such a large number of critical bugs.
That's odd, I thought that Opera and Safari were the "other two" ...
I just wish that it had told me which extensions will no longer be working *before* it did the update. You have to install the update before it tells you. Some extensions can be updated. Some will be killed.
I lost AniDisable and AutoForm. I'm going to miss AutoForm.
Progress has a price.
Development version of SpellBound works on Firefox 1.5.0.x.
1 30&start=0
http://forums.mozillazine.org/viewtopic.php?t=351
End of Line.
. ..
The google toolbar also has a spellchecker. I've basically been using it just for the spellchecker.
This is one of the nice things about Camino (as a Cocoa application, it gets access to OS X's builtin spellchecking)
Ditto for Safari and OmniWeb. Actually all three work with my spell-checker, grammar-checker, dictionary/thesaurus, language translations, text transformations, scripts, speak text, encryption tools, md5 checksums, text statistics (word count, char count, pages, etc.), Web lookups, XML processing tools, content summarizer, and a probably few other system services I've forgotten. The fact that Firefox can't use standard services is the reason I don't use it as my everyday browser. It is nice that it maintains cross-platform capabilities, but unless other platforms catch up to OS X for services I don't want to be limited to the abilities of the least common denominator. Services are, in my opinion, the most overlooked advance OS X has brought to my workstation.
So do you have a link to the page?
I'll probably be modded down for this...
It would be interesting to see how many times the automatic update is downloaded. At first glance it seems like that might be a good way to get some sort of idea as to how many people really are using Firefox.
Yeah, but that isn't a Firefox issue, the plugins are not getting unloaded after they are being used. I have the same problem on my Linux box with the Adobe Acrobat plugin, it is not Firefox's fault, the plugins are written badly and don't unload themselves.
also leaves your firefox unable to get to the web. I had to restart my PC twice before firefox could connect again - oddly enough, it somehow also managed to wipe out gmail notifier, MSIE, outlook, etc. Basically, I was teleported back to the B.I. (before Internet) there for awhile this morning.
This doesn't reclaim anything. All it does is trim the working set which results in less RAM usage being reported and, will be more likely to page the memory to disk. If you use your system for awhile with the application minimized, it will likely be very unresponsive once restored.
If anyone's vulnerabilities ~should~ be actively exploited it's FF's, because the source is read and there is full disclosure on the vulnerabilities. But I know of almost none that have been, and none that were widespread.
How many people do you think are really "reading" the source. And when I say read, I don't mean downloading the source, opening up a couple files in vim just to check it out, then build it and be on your merry way. And I'm not talking about average C++ programmers either. I'm talking about C++ programmers that actually understand the codebase. It's probably not as many as the usual open source groupthink claims.
That said, I still trust Firefox more than IE. And I'm pretty much "locked-in" to it with the tabs and especially the extensions. I still haven't found a modern browser that renders as fast as IE though - if you don't count Dillo.
Not to be pedantic, but the GP has a point: "leaked" memory is memory the program doesn't know about anymore, lost in the bowels of the machine. This memory is being used to cache the pages in history (to make the "back" functionality faster). It isn't leaked, it's working as intended.
Now, whether this is the right thing to do or not is pretty contested, but that's the design.
I [may] disapprove of what you say, but I will defend to the death your right to say it.
I've had Firefox easily consume in the 700 meg range (and maybe 35 tabs or so max). I've got 2 Gigs, but that's still a hefty chunk of ram. I tend to read a lot of PDF docs and someone up further on this page said that the Adobe plugin isn't releasing its memory. But my question is does Firefox even care about the cache value that you set?
This is one of the nice things about Camino (as a Cocoa application, it gets access to OS X's builtin spellchecking), but it might not stack up will against the current build of Firefox in terms of other features. There is always spellbound. I've been using the development version (which works with Firefox 1.5) and I have found it to be excellent. It may be nicer to have built in spell checking but spellbound is a good alternative. (And it works on most OS's)
"A witty saying proves nothing." -- Voltaire
This update scared the hell out of me. I couldn't tell if a 3rd party app had mysteriously been installed or if it was a trusted update from Mozilla... There was no information available in the popup itself and the update/release notes had not yet been released, we're not loaded into a tab or window and had not hit the web or cleared my ISP's cache. Yet, I get a popup telling me that, basicly, I may or may not be fucked if and when I permit Firefox to reload. It's important to facilitate end user verification and awareness of what a trusted 3rd party is about to do to their machine.
This is bad protocol. Many (and I mean MANY) 3rd party nightmares identify themselves as proper patches for trusted titles. Firefox's update looked exactly like several of them. It's IMPORTANT TO CLARIFY WHO YOU ARE AND WHAT YOU'RE DOING. This could be resolved in any number of convenient, non-frightening, ways (All of them, too obvious to list).
It would be of tremendous value to the more paranoid side of geekdom if Mozilla/Firefox also forced release notes to load at the time of notification of an update. It took me more than 4 hours to give in and run a complete system backup to dvd... all because my browser wanted a restart.
With every new release, CPU usage goes up by 10-20% in my system (ubuntu linux). I'm getting sick of this. May be with Dapper (clean install), I should upgrade myself to epiphany... The heat burns my private places now (laptop). aie aie
Heard of free(3)?
Fact is, the Mozilla Foundation is making mad cash from google searches and ads. They have plenty of full time coders and support staff. If "open source" is nearly as successful as /. likes to group-think, those pro mozilla coders would be out of a job.
Do you even lift?
These aren't the 'roids you're looking for.
Camino actually does not benefit from inline spell checking. While the text boxes look move native than in Firefox, they are still drawn by Gecko and are not the standard form elements seen in other Mac OS X applications. I believe the developers are in the process of making the text boxes (more) native, but unfortunately the current release of Camino is lacking this feature.
That comment it only a troll because it hurt your little OSS feelings. Everything I said is true. The FF may be more secure but it for sure has some really issues on the memory front on the Mac. On the PC I have not had problems with it. So unless you have used it on the Mac and know it to not do what I am saying how is it a troll? Oh its a troll because you don't agree. I get it.
OMG Ponies!!! with Glitter!!!! I miss Pink
I've never experienced the memory leak issue with my firefox, but for those that do - maybe this clarifies some things.
And for those that are really tight on memory there is always lynx ;)
And when you gaze long enough into the code, the code will also gaze into you.
Oh wait, it was!
http://outcampaign.org/