Slashdot Mirror
Firefox 3.0.1 Fixes 'Carpet Bombing' Issue
An anonymous reader writes "Firefox 3.0.1 was released today. It fixes 3 security vulnerabilities, including a critical issue reported by Billy Rios, Ben Turner, and Dan Veditz. The issue could be combined with an issue in Apple's Safari browser to read data from the user's disk or to execute arbitrary code. This issue was previously discussed on Slashdot.
The release also fixes a remote code execution bug involving the CSS reference counter, reported by the Zero-Day Initiative (previously discussed on Slashdot here), as well as a Mac-only potential code execution bug involving GIF image rendering, reported by Drew Yao of Apple Product Security."
Firefox 3 was crashing 3-10 times a day for me even after completely removing everything FF related. At the risk of jinxing myself I will say that I'm crash free on 3.0.1 for 4 hours now.
return EXIT_SUCCESS;
So have they given us the option to disable their "awesome bar" yet?
So far as I know, the only application that normally runs with its current directory on the desktop (and is thus a potential target for any successful exploit of this issue) is Internet Explorer.
Slashdot needs a "important software updates" section.
I could swear that I was notified of a security update regarding Firefox a few days ago. After the update, I checked Firefox and it's own About dialog reported it was 3.0.1. Can anyone else confirm this or am I going bonkers? I'm certainly on 3.0.1 now and I only received some mundane updates this morning.
Stop being such a dick twitter.
Fx 3 completely freezes my laptop, puts up the hourglass, and the HDD activity light goes solid every time I open it. It does that for about 30 seconds and then it works. As soon as I click the URL bar it does it again and then stops. Once I try to load the page, it locks up yet again. My Fx 3 install on my laptop (XP SP2) is completely broken. I unchecked the boxes under the options that people recommended, I also tried the Linux fix of changing the size of something (can't remember) sqllite related in about:config. I tried reinstalling it and I tried running it in safe mode without addons. I eventually had to download and start using Fx 3 portable, which is working so far. Fx 3 standard continues to work ok on my desktop. I don't know what the deal is, but it's been very disappointing.
I for one, welcome our browser caring overlords.
My issue is that "No one cares when Opera or Safari have a similar release. [or Internet Explorer, or Konqueror...]" but they do when its Firefox.
Opera 9.51 went through a few RC's and a final and is on 9.52RC/Snapshot, Safari has gone through a couple *.*# and a whole #.0 in the last few months for Mac, Win and Mobile...
But no, Firefox 3.1 Sub-Alpha-Hypothetical-Possibility-Beta-RC Build 3219 hits front page and we're supposed to eat a cracker drink some wine and pray to it, but oh wait, we're all for competition and innovation, as long as its Firefox Vs. Firefox.
(stomps off)
Your post is sorta worded as flamebait to some, but it does have truth. It doesn't take a statistician or a complex algo to add up how many postings have been about FireFox in the past 6 months compared to all other browsers combined. I applaude the openness that Mozilla chose for it's flagship browser. However, their product seems to have drawn some rather fervent users as well. Don't mind them, they're to Firefox as Fundies are to religion. That is, ignore/condemn anything that doesnt parallel their own viewpoint.