Re: Mozilla Firefox 1.0.1 Released

Andreas Tsouchlaris — Wed, 02 Mar 2005 21:24:11 GMT

Είναι που όλα τα υπόλοιπα έχουν τρύπες ασφάλειας και τα δικά μας είναι κέρβεροι...

Mozilla Firefox 1.0.1 Released

George J. Capnias — Sat, 26 Feb 2005 19:56:56 GMT

Σε περίπτωση που ξέφυγε από κάποιον...

1 Firefox 1.01 - Corrects several Security vulnerabilities r

Firefox 1.01 has been released to address several security issues. Users should unistall the prior version, backup/delete existing profiles, and then install FF 1.01.

Security Vulnerabilities Fixed in Firefox 1.0.1

Here's what's new in Firefox 1.0.1:

Improved stability
International Domain Names are now displayed as punycode. (To show International Domain Names in Unicode, set the "network.IDN_show_punycode" preference to false.)
Several security fixes.

MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing
MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
MFSA 2005-27 Plugins can be used to load privileged content
MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab
MFSA 2005-25 Image drag and drop executable spoofing
MFSA 2005-24 HTTP auth prompt tab spoofing
MFSA 2005-23 Download dialog source spoofing
MFSA 2005-22 Download dialog spoofing using Content-Disposition header
MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice
MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
MFSA 2005-19 Autocomplete data leak
MFSA 2005-18 Memory overwrite in string library
MFSA 2005-17 Install source spoofing with user:pass@host
MFSA 2005-16 Spoofing download and security dialogs with overlapping windows
MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
MFSA 2005-14 SSL "secure site" indicator spoofing
MFSA 2005-13 Window Injection Spoofing

http://www.mozillazine.org/talkback.html?article=6129

Mozilla Firefox 1.0.1 Released

Thursday February 24th, 2005 -- Mozilla Firefox 1.0.1 has just been released. A minor update, this version fixes a few security holes and some other bugs. If you're using Firefox 1.0, you want this release. The Firefox Release Notes have also been updated and The Burning Edge has an unofficial Firefox 1.0.1 changelog. Download links can be found on the official Firefox product page.

BUG WHEN MANUALLY KEYING URLs: If you are experiencing a crash when entering text into the address bar, you can correct the problem by removing the autocomplete.xpt file from your Firefox components directory, for example C:\Program Files\Mozilla Firefox\components. To avoid this crash, do not install a new installer package on top of an older zipped package.

Λοιπά θέματα

Re: Mozilla Firefox 1.0.1 Released

Mozilla Firefox 1.0.1 Released

Security Vulnerabilities Fixed in Firefox 1.0.1

Mozilla Firefox 1.0.1 Released