Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safari 3 Beta Updated, Security Problems Fixed

Posted by Zonk on from the closing-holes-in-the-apple dept.

Llywelyn writes "Apple has released an update to the Windows Safari 3 Beta. According to Macworld the updates '...include correction for a command injection vulnerability, corrected with additional processing and validation of URLs that could otherwise lead to an unexpected termination of the browser; an out-of-bounds memory read issue; and a race condition that can allow cross-site scripting using a JavaSscript [sic] exploit.' It is available through either the Apple Safari download site or through Apple's Software Update."

10 of 302 comments (clear)

  1. Horrible International Language support by Anonymous Coward · · Score: 4, Informative

    Downloaded and tried to open websites in Chinese. The rendering is just horrible, unreadable and totally unacceptable. Texts are not where they should be. In this sense, this Safari is even not as good as IE 4, which could display such webpages well. I heard that, (didn't try), Safari could not open most webpages in non-western languages.

    1. Re:Horrible International Language support by nevali · · Score: 4, Informative

      The issue there is that Mac OS X's own international character support does all the hard work for the applications: they don't generally need to worry about it. On Windows, it's a very different story, which means it'll take Apple more than a couple of days to make WebKit/Win32 deal with it all as elegantly as it does on OS X.

    2. Re:Horrible International Language support by nevali · · Score: 4, Informative

      NT handles Unicode character storage and manipulation just fine, yes.

      Unicode font rendering (automatically selecting the a font which contains a particular character, because generally no font contains all Unicode characters, and if one did exist, it probably wouldn't be the text font in use) is a different matter altogether.

      Mac OS X does sane font substitution when faces don't include a particular character. On Windows, AFAIK, typing a Japanese glyph when using a font that doesn't support that code point will result in the square block--on the Mac, the type renderer will find the closest visual match (in terms of style) for a font that does include the code point and use that for those glyphs.

  2. Gee by sid0 · · Score: 5, Informative

    they haven't fixed all the vulnerabilities yet.

  3. Actually, you don't have to give out your email ID by sid0 · · Score: 3, Informative

    Just don't fill in that field. :P

  4. Re:not worth it by nevali · · Score: 5, Informative

    Er, you don't have to give an e-mail address to download it, just to sign up.

    Leave the box blank and the check-box ticked and it still downloads.

  5. Re:Now if they would fix the text problem... by Henry+V+.009 · · Score: 5, Informative

    Yes, I've got this problem on my Vista install at work. Clicking the little spider icon to report the bug crashes the program.

    Mini-review of Safari on my home Vista install: The non-standard Windows UI is annoying. If I wanted to resize only from the bottom right corner I would have bought a Mac. The lack of an advertisement blocker makes the software a poor alternative to Firefox. The bundling is annoying. I don't want Quicktime. Quicktime is ugly, ugly software. It makes Firefox crash, grabs all sorts of MIME types, throws its icon up on the desktop every time it updates no matter how many times you delete the icon, it installs a systray icon (for a media player?!? come on), and it won't play full screen videos. ITunes is only a good media player if you own a Ipod. Don't want that either. The Apple update service is annoying as well. Why a separate service? I want my apps to check for updates when I start them or not at all.

    Good points? Well, Safari displays web pages, I guess. Good for Apple.

  6. Re:Future recommendation? by 3.14159265 · · Score: 3, Informative

    But you already get simplicity, speed, and security with Opera.

  7. Re:Now if they would fix the text problem... by Goaway · · Score: 3, Informative

    If you didn't want QuickTime bundled, why did you select to download the version that bundles it?

  8. It's not a bug by Overly+Critical+Guy · · Score: 3, Informative

    Apple renders fonts to match the accuracy of the glyphs so that they resemble what they would look like in print, important for desktop publishing. Windows happily renders fonts inaccurately so that they're 1-pixel thin and packed into a pixel grid.

    --
    "Sufferin' succotash."