LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Development page

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Mozilla Firefox 1.0.3/Suite 1.7.7 Released (MozillaZine)

[Posted April 17, 2005 by corbet]

MozillaZine reports that Firefox 1.0.3 and Mozilla 1.7.7 are out. There are some worthwhile security fixes, but also the possibility of broken extensions.
(Log in to post comments)

Mozilla Firefox 1.0.3/Suite 1.7.7 Released (MozillaZine)

Posted Apr 18, 2005 2:59 UTC (Mon) by tzafrir (subscriber, #11501) [Link]

The relevant volnurabilities seem to be:
  • 129097, Added to database at 23-Mar . Fixed within 3 days by RedHat, Fedora and Gentoo. Within 5 days by Slackware as well. (Mandrake? Debian? SuSE?)
  • 128926, Added again on 23-Mar, and fixed within three days by RedHat, Fedora and Gentoo.
This is almost a month ago! (I hope I don't mix issues here)

Actually the counting here is not valid, as it begins from the time the first fix was published. IIRC those advisories were issued aroud 23-Mar in a coordinated exposure of those issues.

So what took the mozilla foundation a whole month to respond? Makes me feel less safe to "Install and Forget" mozilla as a "safe" browser for windows users.

What took so long

Posted Apr 18, 2005 3:11 UTC (Mon) by corbet (editor, #1) [Link]

This release went through a long series of release candidates. It took a while to be sure that the problems were really fixed, and there was a serious effort to minimize breakage of extensions. It's not as if they just sat on the problems for a month.

Mozilla Firefox 1.0.3/Suite 1.7.7 Released (MozillaZine)

Posted Apr 18, 2005 3:27 UTC (Mon) by barryn (subscriber, #5996) [Link]

Uh, perhaps I'm mistaken, but aren't those the vulnerabilities fixed by Mozilla 1.7.*6* and Firefox 1.0.*2*?? I think there are other vulnerabilities fixed in Mozilla 1.7.7 and Firefox 1.0.3.

Mozilla Firefox 1.0.3/Suite 1.7.7 Released (MozillaZine)

Posted Apr 18, 2005 3:47 UTC (Mon) by tzafrir (subscriber, #11501) [Link]

So I was indeed wrong here. That's a relief.

To save the search for others: Firefox on the mozilla advisories page

Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds