Mozilla Firefox 1.5.0.3 has been released. This update fixes a publicly disclosed denial of service weakness. All users are encouraged to upgrade to this version. The bugfixes previously planned for Firefox 1.5.0.3 were shifted to 1.5.0.4, and a quick update was released shortly after the recent 1.5.0.2 release to address the publicly reported issue.
I got two crashes in 1 hour since Firefox auto-updated this morning! Usually Firefox is rock solid here.
After I updated to 1.5.0.2 one of my extensions quit working and I had a crash happen for the first time since .9. After updating to 1.5.0.3 and reinstalling the extension everything seems to be working correctly again.
Fair enough. Use Opera 9. The beta version of Opera is mors stable than the final version of Firefox. Not to mention all other benefits and features.
ok if one more person tries to shove Opera down my throat I WILL vomit. There’s a reason why Opera never had a substantial following and also in all the years that I’ve used Firefox it has hardly ever crashed. A lot of the crashes are caused by bad extentions or some problem with your windows installation not related to Firefox. Only people always blame it on Firefox. The golden rule is that if you cannot reproduce a bug/crash/software problem then it doesn’t exist.
Oh and the update feature works better than it did with 1.5.02. Had to install the full version then and now it worked fine with just the update one. Nice improvements. Only if you change the version number every time there is a bug fix ( even if it’s unexpected and critical ) you might run into some weird version numbers. I couldn’t care less but many and users might weild weird and unsecure when it seems like there is a new version comming out every month. A patch is such a polically correct word as of latelly and maybe Firefox should adopt that too.
My patch just popped up about a half hour ago..nothing yet.
I’ve not seen any issues with 1.5.0.3 either here or at home yet. Both auto-updated.
No problems here, is solid as always.
use 2.0 alpha
Auto-update worked successfully. No crash report in post-update.
There was a brief discussion on the Full Disclosure mailing list about this flaw a few days ago. It could cause a browser crash, but no-one could exploit the thing. I notice that Mozilla is calling the flaw “critical,” because “in theory” it “can be abused to run malicious code.”
I like this kind of attitude toward security. I wish we would see more of it.
My upgrade experience has been smooth. I installed the Linux version to /usr/local, wiping everything except the plugins directory first. The program made a brief check of the installed extensions on the five machines I updated, found nothing special, and ran just fine afterwards.
When did the term “denial of service”, which used to mean using a large number of computers to hammer a web server with requests, either knocking the server offline or rendering it slow and unresponsive to legitimate users, come to be confused with “crashing the browser”? Am I missing something here? How is crashing someone’s web browser a DoS attack?
You’re thinking of Distributed Denial of Service (or DDoS). Denial of Service is used for anything that causes an app or anything to lock up or become unusable.
Auto-updated and solid.
You got to like the auto-update tool. Good work mozilla. Now do something about the memory usage pleace.
“You got to like the auto-update tool. Good work mozilla. Now do something about the memory usage pleace.”
First do something about your spelling pleaSe.
!!!
Good thing making this Firefox 1.5.0.3
release.
It was almost mandatory to make this quick fix relase for such a nasty thing as a publicly disclosed denial of service weakness.
Shifting the fixes for all bugfixes previously planned for Firefox 1.5.0.3 to 1.5.0.4 is the right decission, due to the importance of the facts.
This update will close the mouths of those that say that Firefox has also many bugs as Ms IE has; and will prove the speed and eficiency in correcting problems…
Well done. Hats off… Chapeau… Me quito el sombrero…
!!!
This update will close the mouths of those that say that Firefox has also many bugs as Ms IE has;
Why would it do that? It’s not like it no longer existed once it’s fixed.
The number of issues found in Firefox monthly is started to approach how bad IE was getting a few years ago. Difference is that
1) Most people have wisen up after going through the crap with IE and are more careful now
2) Firefox hasn’t really been targetted by 0day stuff yet
3) Most firefox users are more tech saavy.
The latter 2 will become less important over time. While Firefox may one day reach the NUMBER of bugs as IE, security-wise, it will never reach the same severity, for mostly the above reasons.
!!!
Good… So as you aknowledge Firefox has, and will have, anyway, less bugs and problems than Ms IExplorer.
That’s all I wanted you to recognise for once in your life… Thanks for once, sappy. Without wanting, you have acknowleged the facts… (now post again anwsering me, and telling about the supperiority of Ms IExplorer… C’mon!)
!!!
Less bugs? No.
Less problems with SECURITY, yes.
If you paid attention, you’d know I hate IE
Why would it do that? It’s not like it no longer existed once it’s fixed
But it’s like that when Firefox flaws are published, they NEVER have the time to be exploited, while in IE case, most of the flaws were massively exploited before MS made the annoucement of a correct fix, or even the announcement of the flaw.
The number of issues found in Firefox monthly is started to approach how bad IE was getting a few years ago
What does this mean ? Is this another way to say that Firefox today has far less flaws than IE ever had in its better months ?
Because you have to mix issues in the mix (issues are not all flaws), you have to say “is started” like it will be worse later, and you talk about the “number of issues” like it has any value in evaluating the security of Firefox.
Read the quote I replied to.
as many bugs as IE
That’s what I replied to, and nothing more. I even stated that the severity of Firefox security issues will never reach the level IE did.
Works as it should, both on my mac and my PC. Both using the auto-update feature.
Firefox keeping on top of security and since I dont pay anything it’s a very nice service and browser updates.
Here is a slackware security package update
http://slackware.com/security/viewer.php?l=slackware-security&y=200…
Edited 2006-05-04 14:40