Thought I'd let you know, any Mozilla Browser peeps out there, just got official notice of some vulnerabilities that need to be addressed with an upgrade to the latest version of your browsers.
FYI
Linkage?
Received the autoupdate already on both my systems.
Quote from: "Mr. Analog"Linkage?
http://www.mozilla.com/firefox/releases/1.5.0.2.htmlI got there by clicking
Help->Check for Updates... in Firefox. :)
Hmm, ever since Firefox started eating all my ram (even with 1GB), I switched back to Konqueror.
Quote from: "Tom"Hmm, ever since Firefox started eating all my ram (even with 1GB), I switched back to Konqueror.
What OS is that? I haven't had any problems (and I use multiple tabs a lot). (Currently using 45 MBs).
I tend to use multiple windows with multiple tabs.. And my firefox process would eat at least 100MB, sometimes around 200-300MB.
As for my OS, it be linux.
Quote from: "Mr. Analog"Linkage?
These might be the links you were looking for:
http://www.mozilla.org/security/announce/http://www.mozilla.org/projects/security/known-vulnerabilities.htmlhttp://www.kb.cert.org/vuls/byid?searchview&query=mozilla_April_2006I subscribe to the cert alerts, both technical and professional. They only release information once they have a solution, as to reduce possibility of exploiters taking advantage of found vulnerabilities.
Yep found 'em already just thought you might have them before I started hitting the update sites.
Happy to see that with 1.5.2 my fave extension "Launchy (http://gemal.dk/mozilla/launchy.html)" still works :)
PS: wow, check out the description of some of the security holes and stuff -- some very creative minds when it comes to finding new (theoretical) ways to execute malicious code...
Mozilla Foundation Security Advisories ( http://www.mozilla.org/security/announce/ (http://www.mozilla.org/security/announce/) ) ...
April 13, 2006
MFSA 2006-29 Spoofing with translucent windows
MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented
MFSA 2006-26 Mail Multiple Information Disclosure
MFSA 2006-25 Privilege escalation through Print Preview
MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest
MFSA 2006-23 File stealing by changing input type
MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability
MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2)
MFSA 2006-19 Cross-site scripting using .valueOf.call()
MFSA 2006-18 Mozilla Firefox Tag Order Vulnerability
MFSA 2006-17 cross-site scripting through window.controllers
MFSA 2006-16 Accessing XBL compilation scope via valueOf.call()
MFSA 2006-15 Privilege escalation using a JavaScript function's cloned parent
MFSA 2006-14 Privilege escalation via XBL.method.eval
MFSA 2006-13 Downloading executables with "Save Image As..."
MFSA 2006-12 Secure-site spoof (requires security warning dialog)
MFSA 2006-11 Crashes with evidence of memory corruption (rv:1.8)
MFSA 2006-10 JavaScript garbage-collection hazard audit
MFSA 2006-09 Cross-site JavaScript injection using event handlers
I bolded my personal favorite; read the description (http://www.mozilla.org/security/announce/2006/mfsa2006-23.html) to see why, wow that's a twisted mind who would think of doing that :o
- - -
On the topic of Firefox popularity, check out these interesting Browser Statistics (http://www.w3schools.com/browsers/browsers_stats.asp) from W3Schools.com .