Mozilla Firefox 1.5.0.4 Released

KrayzieKyd writes "God Bless Mozilla. Firefox has just notified me that Firefox version 1.5.0.4 has just been released with release notes and according to Mozilla's website, the same has been released for Thunderbird with its own release notes."

Freshmeat?

[mtenhagen]

Are we getting slashdot articles for each verion bump of the mozilla products? I tought freshmeat was created for that.

Is there something special about this release? According to the release notes these bugs where removed. Great but not enough for a slashdot article.

MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Re:Freshmeat?

[KiloByte]

The thing is, you don't ever hear about MSIE security issues unless there is already a popular exploit in the wild.

Re:Freshmeat?

Well the FAQ of the release notes does say:

What can I do to help?

We need all the exposure we can get ... Submit a story to Slashdot and other news sites about the release.

Someone was bound to follow the instructions.

Re:Freshmeat?

[MobileTatsu-NJG]

"Submit a story to Slashdot and other news sites about the release. Someone was bound to follow the instructions."

Ah, so this is a Slashvertisment.

Re:Freshmeat?

Now leave both browsers open for a day. IE6 will still be at 63 MB. Firefox wil be above 100 MB.

Re:Freshmeat?

[mrchaotica]

Leave it open for a few days. The reason that it's called a "leak" is that the free memory slowly decreases over time.

1.5.0.4 is major.significant.minor.forget-it

[k1980pc]

Hardly looks like news. And I'm already tired of Mozilla team not addressing the most critical issue - memory hogging. Brushing that aside is not going to help the developers or the users.

Re:Mozilla bug database is a joke

[ClamIAm]

You're either a grade A moron or a grade F troll. Go to bugzilla.mozilla.org. I'm looking through dozens of bugs right now. No reg required. (oh, and they don't like links from slashdot. so copy and paste the URL)

In addition, the definitions of "open source" and "free software" have nothing to do with anonymous bugzilla access, but rather with the availability of source code and the rights one has with regards to use and modification of said code. If you don't believe me, read the definitions yourself.

Re:Opensource is FUD

[Rogue+Pat]

Looking at the source code, you can see which code got changed and which changes were made. The bug is not for your eyes, as it may give detailed steps to exploit the vulnerability.

Remember when Microsoft releases a patch it would say "a maliciously crafted web page may" etc. The bugzilla entry for Firefox may actually GIVE you all you need to build that maliciously crafted page.

As said before, there's no need to publicize detailed steps to exploit a browser.