Mozilla has plugged a few holes in Firefox
Once more unto the breach, dear friends, once more.
Mozilla has plugged a few holes in Firefox 1.5.x for what ostensibly may turn out to be the last time. The final release of Firefox 220.127.116.11 accompanies the release of Mozilla's current standard bearer Firefox 18.104.22.168, both of which are being patched for at least five flaws.
Only one is critical. Mozilla Foundation Security Advisory 2007-12 details a flaw about a memory crash that could potentially lead to arbitrary file execution.
One particularly annoying bug related to Mozilla's form auto-complete function has also been repaired in the latest Firefox releases.
Rated "low impact," the flaw could have enabled a denial-of-service attack. Filling a text field with millions of characters and submitting the form will cause the victim's browser to hang for up to several minutes while the form data is read, and this will happen the first time auto complete is triggered after every browser restart.
The Firefox 22.214.171.124 release is expected to be the last official Mozilla release in the Firefox 1.5.x product line, which was first launched in November 2005. The release of Firefox 2.x in October superseded 1.5.x as Mozilla's flagship browser line.
"Mozilla typically maintains support for previous releases for six months after a major release," Mozilla developer Basil Hashem wrote in a mailing list posting. "Mozilla has previously extended the planned end of life for the 1.5.0.x series in order to accommodate some recent changes in update functionality."
Mozilla will help its legacy users migrate to Firefox 2.x with an automatic browser update notice at some point in the next several weeks, prompting them to upgrade up to Firefox 126.96.36.199.
Return to internet news headlines
View Internet News Archive