Threat Level: green Handler on Duty: Jim Clausing

SANS ISC: Firefox v1.0.7 Released - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Firefox v1.0.7 Released
Earlier today, Mozilla released the newest stable release of Firefox.  Firefox 1.0.7 is available for download in many languages (sorry Kevin that the KR release isn't ready yet, hopefully it will be soon).

From the release notes available at Mozilla Firefox website:

"This version includes several security and stability fixes, including a fix for a reported buffer overflow vulnerability and a fix for a Linux shell command vulnerability.

Specific changes in Firefox 1.0.7

  • Fix for a potential buffer overflow vulnerability when loading a hostname with all soft-hyphens
  • Fix to prevent URLs passed from external programs from being parsed by the shell (Linux only)
  • Fix to prevent a crash when loading a Proxy Auto-Config (PAC) script that uses an "eval" statement
  • Fix to restore InstallTrigger.getVersion() for Extension authors
  • Other stability and security fixes
"
ScottF

188 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!