Is it just me, or does the Google Toolbar come back when you open a new Firefox window or instance? I'm using Mac OS X and a recent Firefox build from the MOZILLA_1_8_BRANCH, and I installed Google Toolbar using Nightly Tester Tools to override Firefox's compatibility check.
Firefox 1.5 Beta 1 is vulnerable to some of the holes fixed in Firefox 1.0.7. You should upgrade to a newer build from the Firefox 1.5 / Gecko 1.8 branch, preferably today's.
I hadn't heard that and I find it hard to believe. A lot of aspects of Firefox's update system will be better in Firefox 1.5, but I don't see why that would result in simultaneous releases to the web site and to automatic update.
If you have any extensions installed, try disabling them and see if that fixes the problem.
Re:The build system of OpenOffice is fantastic.
on
OpenOffice 1.1.5 Released
·
· Score: 2, Interesting
I might be impressed if it actually worked on Mac OS X. As it is, when I launch OpenOffice 1.1.5, it asks me to select my preferred X server, and then gives me an obscure error message when I hit Cancel because I don't understand WTF it is asking. I also tried 1.9 Beta and it gave me an even less useful error message earlier in the install process.
That's probably just because 1.0.7 isn't being pushed to automatic update users yet. It was only released a few hours ago, so that shouldn't be surprising.
Look at the 'Last Updated' date at the top and then look at the first comment.
'Last updated' doesn't tell you when the bug was fixed. You have to skim the comments to figure out when a fix was checked in, and then figure out which release of Mozilla/Firefox first contained the fix. (You're still correct that the bug took over 3 years to fix.)
All the "unpatched vulnerabilities" in IE that everyone parrots to prove Microsoft sucks are like this one. You can't take MS to task after this, now can you?
Bug 69070 wasn't as serious as most of the holes Microsoft gets flak for leaving unfixed.
Mozilla has begun publishing vuln advisories with the same "a malicious web page" verbiage that everyone berated Microsoft for in order to inflate the importance of every single IE bug.
What is/was the argument against using the phrase "a malicious web page" in advisories?
i've had firefox crash on me at least twice a DAY in the last year or so.
Here's what you can do:
1. Upgrade to Firefox 1.5 Beta 1 (at least). Do a custom install and check the box for the "Quality Feedback Agent" (Talkback crash reporter).
2. If Firefox ever crashes, let Talkback send the crash reports to the server.
3. If you continue seeing lots of crashes, send me some Talkback IDs and I'll try to determine whether it's a known problem and whether there is a workaround by searching Bugzilla or examining the stack trace.
Tab to a link. Hit enter to follow. Hit alt-left arrow for back. In IE, the link I just followed still has the Tab selection...I can hit tab again and go to the next link. Firefox, it has NO idea what link I hit, and I'd have to tab tab tab to get back to where I was. (Netscape 4.7 was a follower not a leader in keyboard navigation, and it's irksome that Firefox still can't get this basic thing right.)
Somewhat fixed in Firefox 1.5 Beta 1. If the page is loaded from the back/forward cache, rather than being loaded from the normal cache or re-fetched from the web, the link you clicked on remains focused.
Btw, I'm not sure I'd call this a "basic thing". Layout history (restoring state after re-parsing a page) is complicated, and so is focus.
These bugs involve Firefox getting confused about where focus is. Some parts of Firefox think you're typing into a textbox, but others think you're not, so Find can activate when it shouldn't.
Aaron Leventhal fixed the most common bug that caused this to happen (258285), so it should happens less often in Firefox 1.5 Beta 1 than it did in Firefox 1.0.x. It's not gone completely (307375) but I think Johnny Stenback is working on that.
accessibility.typeaheadfind controls whether Find activates when you focus a web page and start typing characters like 'y'. The post you're replying to wants an option to make the Find bar non-incremental and/or use a dialog instead of a bar.
would you like to allow Firefox to access/home/unordained/file1.txt in read-only mode?
Make the file picker return a capability to access the file, not just the filename. Then if I want to upload a file using the web browser, picking it automatically gives Firefox permission to read it.
would you like to allow some-app-2 to change the following registry keys?
Firefox uses the Windows registry to set itself as the default handler for several protocols (e.g. http:) and default handler for several file types (e.g..html). Turn these into operating system dialogs, and then a less-privileged process can ask to set itself as the default browser with about the same amount of user interaction as the confirmation dialog that's already part of Firefox.
While it's true that some marketing- and contract-related bugs are hidden, All six bugs the grandparent linked to are hidden as "Security-Sensitive", not as "Marketing-Private".
There are no longer zip builds for releases, but there are still zip builds for nightlies. Find the nightly zip that corresponds to the release (in this case, 2005-09-08 branch nightly) and download the zip.
Slashdot Mirror
Is it just me, or does the Google Toolbar come back when you open a new Firefox window or instance? I'm using Mac OS X and a recent Firefox build from the MOZILLA_1_8_BRANCH, and I installed Google Toolbar using Nightly Tester Tools to override Firefox's compatibility check.
Firefox 1.5 Beta 1 is vulnerable to some of the holes fixed in Firefox 1.0.7. You should upgrade to a newer build from the Firefox 1.5 / Gecko 1.8 branch, preferably today's.
I hadn't heard that and I find it hard to believe. A lot of aspects of Firefox's update system will be better in Firefox 1.5, but I don't see why that would result in simultaneous releases to the web site and to automatic update.
If you have any extensions installed, try disabling them and see if that fixes the problem.
I might be impressed if it actually worked on Mac OS X. As it is, when I launch OpenOffice 1.1.5, it asks me to select my preferred X server, and then gives me an obscure error message when I hit Cancel because I don't understand WTF it is asking. I also tried 1.9 Beta and it gave me an even less useful error message earlier in the install process.
That's probably just because 1.0.7 isn't being pushed to automatic update users yet. It was only released a few hours ago, so that shouldn't be surprising.
Look at the 'Last Updated' date at the top and then look at the first comment.
'Last updated' doesn't tell you when the bug was fixed. You have to skim the comments to figure out when a fix was checked in, and then figure out which release of Mozilla/Firefox first contained the fix. (You're still correct that the bug took over 3 years to fix.)
All the "unpatched vulnerabilities" in IE that everyone parrots to prove Microsoft sucks are like this one. You can't take MS to task after this, now can you?
Bug 69070 wasn't as serious as most of the holes Microsoft gets flak for leaving unfixed.
Mozilla has begun publishing vuln advisories with the same "a malicious web page" verbiage that everyone berated Microsoft for in order to inflate the importance of every single IE bug.
What is/was the argument against using the phrase "a malicious web page" in advisories?
i've had firefox crash on me at least twice a DAY in the last year or so.
Here's what you can do:
1. Upgrade to Firefox 1.5 Beta 1 (at least). Do a custom install and check the box for the "Quality Feedback Agent" (Talkback crash reporter).
2. If Firefox ever crashes, let Talkback send the crash reports to the server.
3. If you continue seeing lots of crashes, send me some Talkback IDs and I'll try to determine whether it's a known problem and whether there is a workaround by searching Bugzilla or examining the stack trace.
Tab to a link. Hit enter to follow. Hit alt-left arrow for back. In IE, the link I just followed still has the Tab selection...I can hit tab again and go to the next link. Firefox, it has NO idea what link I hit, and I'd have to tab tab tab to get back to where I was. (Netscape 4.7 was a follower not a leader in keyboard navigation, and it's irksome that Firefox still can't get this basic thing right.)
Somewhat fixed in Firefox 1.5 Beta 1. If the page is loaded from the back/forward cache, rather than being loaded from the normal cache or re-fetched from the web, the link you clicked on remains focused.
Btw, I'm not sure I'd call this a "basic thing". Layout history (restoring state after re-parsing a page) is complicated, and so is focus.
What, in particular, is slow? Saying "JavaScript is slow" is about as useful as saying "Firefox is slow" or "Sometimes Firefox crashes".
These bugs involve Firefox getting confused about where focus is. Some parts of Firefox think you're typing into a textbox, but others think you're not, so Find can activate when it shouldn't.
Aaron Leventhal fixed the most common bug that caused this to happen (258285), so it should happens less often in Firefox 1.5 Beta 1 than it did in Firefox 1.0.x. It's not gone completely (307375) but I think Johnny Stenback is working on that.
accessibility.typeaheadfind controls whether Find activates when you focus a web page and start typing characters like 'y'. The post you're replying to wants an option to make the Find bar non-incremental and/or use a dialog instead of a bar.
Alt+Home works too.
would you like to allow Firefox to access /home/unordained/file1.txt in read-only mode?
.html). Turn these into operating system dialogs, and then a less-privileged process can ask to set itself as the default browser with about the same amount of user interaction as the confirmation dialog that's already part of Firefox.
Make the file picker return a capability to access the file, not just the filename. Then if I want to upload a file using the web browser, picking it automatically gives Firefox permission to read it.
would you like to allow some-app-2 to change the following registry keys?
Firefox uses the Windows registry to set itself as the default handler for several protocols (e.g. http:) and default handler for several file types (e.g.
If you don't want to disable IDN, or if you want to help test the change so Mozilla can release updated versions faster, try these nightly builds:
Today's Gecko 1.8 branch nightly - Firefox 1.5 Beta 1 plus the fix for this security hole.
Today's Aviary 1.0.1 branch nightly - Firefox 1.0.6 plus the fix for this security hole. There isn't a Linux build here; I don't know why.
Yes, I've learned that since posting.. Odd, since 307259 was opened on the 6th when the "advisory" showed it reported on the 4th.
;)
I'm guessing he emailed Dan Veditz on the 4th, then reported the bug on the 6th.
BTW, can you talk about the bugs you reported and their security implication?
I'd rather not. But fix one or two of the crashes I reported recently, then we'll talk
Have SeaMonkey porters been trying to get their code-quality changes back into Firefox?
The bug this Slashdot article is about is bug 307259, which isn't on your list.
Btw, I reported the first two on your list.
While it's true that some marketing- and contract-related bugs are hidden, All six bugs the grandparent linked to are hidden as "Security-Sensitive", not as "Marketing-Private".
here we are in 2005 and the number one exploit across systems is still... buffer overflows.
l nerabilities.html, it looks like most security holes in Firefox are not related to low-level memory management.
Are you sure that's true? Looking at http://www.mozilla.org/projects/security/known-vu
There are no longer zip builds for releases, but there are still zip builds for nightlies. Find the nightly zip that corresponds to the release (in this case, 2005-09-08 branch nightly) and download the zip.
Spirit let two of her fingers get in front of the lens, ruining an otherwise breathtaking photo.
What rule does that violate?
Some of the scientists involved are saying its more of an art instead of a science due to its 'biohacking' style of experimentation.
Shouldn't that be "Some of the artists involved are saying..."?