Mozilla Firefox 1.5.0.4 Released

← Back to Stories (view on slashdot.org)

Mozilla Firefox 1.5.0.4 Released

Posted by ryuzaki0 on Thursday June 1, 2006 @08:33PM from the pointy-point-releases dept.

KrayzieKyd writes "God Bless Mozilla. Firefox has just notified me that Firefox version 1.5.0.4 has just been released with release notes and according to Mozilla's website, the same has been released for Thunderbird with its own release notes."

17 of 375 comments (clear)

Min score:

Reason:

Sort:

Freshmeat? by mtenhagen · 2006-06-01 20:38 · Score: 5, Insightful

Are we getting slashdot articles for each verion bump of the mozilla products? I tought freshmeat was created for that.

Is there something special about this release? According to the release notes these bugs where removed. Great but not enough for a slashdot article.

MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

--
200GB/2TB $7.95 Coupon: SAVE90DOLLAR
1. Re:Freshmeat? by KiloByte · 2006-06-01 20:46 · Score: 5, Insightful
  
  The thing is, you don't ever hear about MSIE security issues unless there is already a popular exploit in the wild.
  
  --
  The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
2. Re:Freshmeat? by Anonymous Coward · 2006-06-01 21:05 · Score: 5, Insightful
  
  Well the FAQ of the release notes does say:
  What can I do to help?
  
  We need all the exposure we can get ... Submit a story to Slashdot and other news sites about the release.
  Someone was bound to follow the instructions.
3. Re:Freshmeat? by WalterGR · 2006-06-01 21:35 · Score: 2, Insightful
  
  ...a new release of FireFox which fixes 12 security flaws (5 of them rated "critical") is certainly slashdotworthy.
  
  And actually, MFSA 2006-32 fixes *7* "potential memory corruption" vulnerabilities, so the count of critical flaws alone could be as high as 12.
  
  --
  The Online Slang Dictionary
4. Re:Freshmeat? by MobileTatsu-NJG · 2006-06-01 23:53 · Score: 4, Insightful
  
  "Submit a story to Slashdot and other news sites about the release. Someone was bound to follow the instructions."
  
  Ah, so this is a Slashvertisment.
  
  --
  
  "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
5. Re:Freshmeat? by Anonymous Coward · 2006-06-02 02:35 · Score: 3, Insightful
  
  Now leave both browsers open for a day. IE6 will still be at 63 MB. Firefox wil be above 100 MB.
6. Re:Freshmeat? by Anonymous Coward · 2006-06-02 02:52 · Score: 2, Insightful
  
  You know how Firefox weenies always shout "SHARED MEMORY!" whenever anyone does something like that with Firefox? Guess what... SHARED MEMORY!
  
  That'd only be slightly valid if you used one instance of Internet Explorer to launch all three windows. Try the test again by hitting Control-N to open new windows in Internet Explorer and see what happens. I guarentee you it'll be less than Firefox uses.
7. Re:Freshmeat? by mrchaotica · 2006-06-02 03:45 · Score: 4, Insightful
  
  Leave it open for a few days. The reason that it's called a "leak" is that the free memory slowly decreases over time.
  
  --
  "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
1.5.0.4 is major.significant.minor.forget-it by k1980pc · 2006-06-01 21:05 · Score: 3, Insightful

Hardly looks like news. And I'm already tired of Mozilla team not addressing the most critical issue - memory hogging. Brushing that aside is not going to help the developers or the users.
Most of these are already fixed on my machines... by Anonymous Coward · 2006-06-01 21:37 · Score: 1, Insightful

Naturally, if you care about security then you too will have javascript disabled.
Re:Mozilla bug database is a joke by ClamIAm · 2006-06-01 21:38 · Score: 3, Insightful

You're either a grade A moron or a grade F troll. Go to bugzilla.mozilla.org. I'm looking through dozens of bugs right now. No reg required. (oh, and they don't like links from slashdot. so copy and paste the URL)
In addition, the definitions of "open source" and "free software" have nothing to do with anonymous bugzilla access, but rather with the availability of source code and the rights one has with regards to use and modification of said code. If you don't believe me, read the definitions yourself.
Re:Is this intereseting? by flobberchops · 2006-06-01 22:07 · Score: 2, Insightful

They are swept under the carpet, just try viewing them in the bugzilla database :)
Re:Open the FIXED security bugs in the database.. by Rogue+Pat · 2006-06-01 23:14 · Score: 2, Insightful

Maybe a diff on the source will tell you the coded solution. But it's quite likely that the entry in Bugzilla itself gives you the exploit.

I see no particular reason to publicize exploits.
Re:Opensource is FUD by Rogue+Pat · 2006-06-01 23:18 · Score: 4, Insightful

Looking at the source code, you can see which code got changed and which changes were made. The bug is not for your eyes, as it may give detailed steps to exploit the vulnerability.

Remember when Microsoft releases a patch it would say "a maliciously crafted web page may" etc. The bugzilla entry for Firefox may actually GIVE you all you need to build that maliciously crafted page.

As said before, there's no need to publicize detailed steps to exploit a browser.
Re:Will it stop crashing? by suv4x4 · 2006-06-01 23:26 · Score: 2, Insightful

This is known and actually a feature, which can be turned off

What kind of a feature is it, if everybody complain about it.

Plus turning caching off doesn't solve Firefox's speed. Part of the problem is bad memory management and coding, part of it is slow rendering engine, and part is the fact all tabs share a single thread, so when one takes more CPU, the whole window freezes.

Those are software design mistakes, and calling them various funny names, like "features" won't solve the fact we've actual problems with it.
Re:Here we go... by LS · 2006-06-02 00:36 · Score: 2, Insightful

I don't think the average user should have to worry about "memory management". Memory is something that should be abstracted away and not exposed to anyone but an advanced user. If in normal usage the caching features cause undesirable behavior, I consider this a defect in the design, if not the implementation.

LS

--
There is a fine line between being a cultivated citizen and being someone else's crop. - A. J. Patrick Liszkie
information in a simple form by cyfer2000 · 2006-06-02 03:24 · Score: 2, Insightful

We call that "Web 1.0".

--
There is a spark in every single flame bait point.