Update : Firefox 1.0.4

MartMax

New update has been released with few security bugs fixed.

Ciaran500

FFS again. I just can't be arsed keeping up with these.

Mutant_Fruit

better they release a new version as soon as they have a fix rather than waiting a few weeks to release it...

leeroybrown

Ciaran500 wrote:

FFS again. I just can't be arsed keeping up with these.

Browsers tend to have lots of little flaws as there is so much going on. It's nice to see the Firefox team getting these sorted and fixed expediently.

Mutant_Fruit

Just as a point of interest, here are some stats regarding vulnerabilities in firefox and IE.

Firefox:
Currently, 4 out of 17 Secunia advisories, are marked as "Unpatched" in the Secunia database.

IE 6.0:
Currently, 19 out of 80 Secunia advisories, is marked as "Unpatched" in the Secunia database.

And i'd be pretty sure the new version of firefox fixes some of those unpatched vulnerabilities. I don't think we'll be seeing patchs for those 19 advisories in IE any time soon.

leeroybrown

Mutant_Fruit wrote:

I don't think we'll be seeing patchs for those 19 advisories in IE any time soon.

It'll be called Internet Explorer 7

anthonymcg

leeroybrown wrote:

It'll be called Internet Explorer 7

Ah yes, the white knight of IE7.

Creamy Goodness

Ciaran500 wrote:

FFS again. I just can't be arsed keeping up with these.

i'd rather these two weekly updates than yearly updates from microsoft tbh

leeroybrown

For anyone that's interested the Mozilla Foundation publish all the security information on their Known Vulnrabilities page. There's a link there to their Bugzilla page that will show you all the bugs, their severity and priority.

Berger

Is there no way to update without just downloading the new version? I thought you could click the thing under the X to update but mine isn't red.

Mutant_Fruit

When you click on the red X, all it does is download the latest installer, and then installs that for you. Downloading the 1.0.4 installer from the site would accomplish the same job.

daveirl

This post has been deleted.

unkel

Ciaran500 wrote:

FFS again. I just can't be arsed keeping up with these.

This is the one that is necessary though! Fair play to Mozilla for indeed bringing out the new version within days of the security breach becoming public

Valentia

FFS again. I just can't be arsed keeping up with these.

This may come as a disappointment to you but your entry has not been shortlisted for the "Logical Post of the Month" award.

:rolleyes:

unkel

Er, Mutant_Fruit, you'd better kill that sig or there will be a major ban coming up :rolleyes:

Mutant_Fruit

unkel wrote:

Er, Mutant_Fruit, you'd better kill that sig or there will be a major ban coming up :rolleyes:

Sig... what sig? I have no sig! And i definately didn't get PM'ed by anyone. I swear. No-one pm'ed me saying that if i didn't remove it within 48 hours, an admin would lay the beatdown on my ass.

For those of you wondering what the sig was... http://homepage.ntlworld.com/p.blackman/whole.jpg

breadmonkey

Mutant_Fruit wrote:

Sig... what sig? I have no sig! And i definately didn't get PM'ed by anyone. I swear. No-one pm'ed me saying that if i didn't remove it within 48 hours, an admin would lay the beatdown on my ass.

For those of you wondering what the sig was... http://homepage.ntlworld.com/p.blackman/whole.jpg

Thanks for posting that, the art work is incredible, but it's not hard to see why they would want to beat you around the head for using it as a sig!

j_smack

Ciaran500 wrote:

FFS again. I just can't be arsed keeping up with these.

I know the feeling.....it takes a good 30 mins to rebuild it on gentoo.........

They seem to be patching a lot more frequently since pre version 1 era. Prehaps it's the publicity and big increase in general usage.

anthonymcg

Mutant_Fruit wrote:

For those of you wondering what the sig was... http://homepage.ntlworld.com/p.blackman/whole.jpg

Yeah my mate pm'd me going "wtf" and linking to it. :rolleyes: Was just waiting for them to take out the boards.ie novelty paddle.

Cake Fiend

Case A: Microsoft IE

Updates released every few weeks, usually weeks/months after the vulnerability has been discovered, many of these rated as 'critical', high risk due to the browser's integration with the OS.

Case B: Firefox

Updates released from time to time, usually a matter of days after the vulnerability has been discovered, the majority rated as 'low' or 'moderate', no risk if the browser isn't used, usually an easy workaround in the mean time.


I know which situation I prefer!

cregser

Sico wrote:

Case A: Microsoft IE

Updates released every few weeks, usually weeks/months after the vulnerability has been discovered, many of these rated as 'critical', high risk due to the browser's integration with the OS.

I thought Microsoft gagged companies releasing details untill MS had a fix ready. I remember fairly recently a company releasing proof of concept (or whatever its called) code on the day of the patch release and MS gave out to them. Saying peeps didn't have no time to patch their chomputers.

Capt'n Midnight

Sico wrote:

Updates released every few weeks, usually weeks/months after the vulnerability has been discovered,

Point of information - they are almost always released on the second Tuesday of each month , if the vulernability is fixed on during week 3 you gotta wait.

http://secunia.com - pick your browser on the top left, note that none of the Firefox vulnerabilities were rated as extremely critical (though both browsers have/had highly critical ones.

The point about IE integration is very important - unlike FireFox you can't just not use it or uninstall it

Mimikyu

This post has been deleted.