WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93098 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Firefox updates

Started by AplusWebMaster , Jun 17 2008 02:01 PM

Please log in to reply

196 replies to this topic

#1 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 17 June 2008 - 02:01 PM

FYI...

Firefox v3.0 released
- http://www.mozilla.com/firefox/

Release notes:
- http://www.mozilla.c...0/releasenotes/

Download:
- http://www.mozilla.c...irefox/all.html
(over 45 languages)

.

Edited by AplusWebMaster, 03 July 2008 - 06:20 AM.

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Advertisements

Register to Remove

#2 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 17 June 2008 - 02:49 PM

Suggested reading prior to install:

Release notes / Known Issues:
- http://www.mozilla.c...0/releasenotes/
(Includes)...known problems with Firefox 3...

.

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#3 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 19 June 2008 - 04:14 AM

FYI...

Firefox vuln - unpatched
- http://secunia.com/advisories/30761/
Release Date: 2008-06-19
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Mozilla Firefox 2.0.x, Mozilla Firefox 3.x...
The vulnerability is reported in versions 3.0 and 2.0.x. Other versions may also be affected.
Solution: Do not follow untrusted links nor browse untrusted web sites...
Original Advisory:
http://dvlabs.tippin...illa-firefox-30
"...Not unlike most browser based vulnerabilities that we see these days, user interaction is required such as clicking on a link in email or visiting a malicious web page. While Mozilla is working on a fix, we wont be divulging anything else until a patch is available..."
- http://blog.mozilla....-investigation/

- http://nvd.nist.gov/...e=CVE-2008-2786
- http://nvd.nist.gov/...e=CVE-2008-2785

:ph34r:

Edited by AplusWebMaster, 23 June 2008 - 02:30 PM.

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#4 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 27 June 2008 - 11:52 AM

FYI...

- http://preview.tinyurl.com/47o8yg
June 26, 2008 (arstechnica.com) - "...Mozilla told us that they have not finalized the schedule for when Firefox 3 will be made available to Firefox 2 users through the update channel, but they suspect that it will happen within the next two or three months..."

.

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#5 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 01 July 2008 - 04:30 PM

FYI...

Firefox v2.0.0.15 released

From an admin account, start Firefox, then >Help >Check for Updates
-or-

Download
- http://www.mozilla.c.../all-older.html

What's New in Firefox 2.0.0.15:
- http://www.mozilla.c...5/releasenotes/
July 1, 2008

- http://www.mozilla.o...es.html#Firefox

- http://secunia.com/advisories/30911/
Last Update: 2008-07-03
Critical: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of system information,
Exposure of sensitive information, DoS, System access
Where: From remote
Solution Status: Vendor Patch...
Solution: Update to version 2.0.0.15...

:ph34r:

Edited by AplusWebMaster, 03 July 2008 - 06:23 AM.
Added Secunia advisory.

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#6 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 16 July 2008 - 12:20 AM

FYI...

Firefox v2.0.0.16 released

From an admin account, start Firefox, then >Help >Check for Updates
-or-

Download
- http://www.mozilla.c.../all-older.html

What's New in Firefox 2.0.0.16:
- http://www.mozilla.c...6/releasenotes/
July 15, 2008

- http://www.mozilla.o.../firefox20.html

- http://nvd.nist.gov/...e=CVE-2008-2785
CVSS v2 Base score: 9.3 (High)
- http://cve.mitre.org...e=CVE-2008-2933

//

Edited by AplusWebMaster, 16 July 2008 - 05:58 AM.
Added CVE references...

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#7 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 16 July 2008 - 05:01 PM

FYI...

Firefox v3.0.1 released
- http://www.mozilla.com/firefox/
July 16, 2008

Upgrading Firefox
- http://support.mozil...grading Firefox
"To manually check for a Firefox update, click the Help menu at the top of the Firefox window, and select Check for Updates..."

If "Check for Updates is disabled", see:
- http://support.mozil...tes is disabled

Security Advisories
- http://www.mozilla.o...ml#firefox3.0.1

Known Issues
- http://www.mozilla.c...1/releasenotes/

Fixes in v3.0.1:
- http://www.mozilla.o...fsa2008-34.html
- http://www.mozilla.o...fsa2008-35.html
- http://www.mozilla.o...fsa2008-36.html

- http://secunia.com/advisories/31106/
Last Update: 2008-07-17
Critical: Highly critical
Impact: Security Bypass, Spoofing, System access
Where: From remote
...The vulnerabilities are reported in versions prior to 3.0.1.
Solution: Update to version 3.0.1 ...

- http://nvd.nist.gov/...e=CVE-2008-2785
CVSS v2 Base score: 9.3 (High)

- http://nvd.nist.gov/...e=CVE-2008-2933

//

Edited by AplusWebMaster, 17 July 2008 - 10:08 AM.
Added Secunia advisory and CVE ref...

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#8 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 23 September 2008 - 07:40 PM

Edited by AplusWebMaster, 26 September 2008 - 02:20 AM.
Added Secunia/CVE advisory links

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#9 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 26 September 2008 - 06:03 PM

FYI...

Firefox v3.0.3 released
- http://en-us.www.moz...3/releasenotes/
September 26, 2008 - "Fixed a problem where users were unable to retrieve saved passwords or save new passwords (bug 454708*)"
* https://bugzilla.moz...g.cgi?id=454708

- http://www.mozilla.c...irefox/all.html

:ph34r:

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#10 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 12 November 2008 - 06:35 PM

Edited by AplusWebMaster, 17 November 2008 - 10:25 AM.

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Advertisements

Register to Remove

#11 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 16 December 2008 - 05:19 PM

FYI...

Firefox v3.0.5 released
- http://www.mozilla.com/firefox/
Dec. 16, 2008

Release Notes
- http://www.mozilla.c...5/releasenotes/

Security Advisories
- http://www.mozilla.o...ml#firefox3.0.5
Fixed in Firefox 3.0.5
MFSA 2008-69 XSS vulnerabilities in SessionStore
MFSA 2008-68 XSS and JavaScript privilege escalation
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
MFSA 2008-65 Cross-domain data theft via script redirect error message
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-63 User tracking via XUL persist attribute
MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)
___

Firefox v2.0.0.19 released
- http://www.mozilla.c.../all-older.html

- http://www.mozilla.c...9/releasenotes/
Note: This is the last planned release of Firefox 2. All users are encouraged to upgrade to Firefox 3.
Firefox 2.0.0.19 does -not- include Phishing Protection.
___

- http://secunia.com/advisories/33203/

- http://secunia.com/advisories/33184/

:ph34r:

Edited by AplusWebMaster, 17 December 2008 - 05:24 AM.
Added Secunia advisory links...

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#12 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 19 December 2008 - 08:16 AM

FYI...

Firefox v2.0.0.20 released
- http://www.mozilla.c.../all-older.html
December 18, 2008

Release Notes:
- http://www.mozilla.c...0/releasenotes/
Note: This is the last planned release of Firefox 2. All users are encouraged to upgrade to Firefox 3. Firefox 2.0.0.20 does not include Phishing Protection.
- http://www.mozilla.c...senotes/#issues

Security Update:
- http://www.mozilla.c...0/releasenotes/
Firefox 2.0.0.20 includes an additional security fix over Firefox 2.0.0.19 for users of the Windows platform. The following security issue* was fixed.

* http://www.mozilla.o...firefox2.0.0.20
MFSA 2008-65 Cross-domain data theft via script redirect error message (Windows)
- http://preview.tinyurl.com/3mvadg
"...Mozilla omitted one of the security patches that was supposed to be included in the Windows version of Tuesday's Firefox 2.0 .0.19 release..."

Firefox 3
- http://secunia.com/advisories/33203/
...Solution: Update to version 3.0.5.
http://www.mozilla.c...t=firefox-3.0.5

:ph34r:

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#13 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 03 February 2009 - 06:56 PM

FYI...

Firefox v3.0.6 released

From an admin account, start Firefox, then >Help >Check for Updates
-or-

Download Firefox v3.0.6
- http://www.mozilla.c...irefox/all.html

Security Advisories for Firefox v3.0.6
- http://www.mozilla.o...ml#firefox3.0.6
Fixed in Firefox 3.0.6
MFSA 2009-06 Directives to not cache pages ignored
MFSA 2009-05 XMLHttpRequest allows reading HTTPOnly cookies
MFSA 2009-04 Chrome privilege escalation via local .desktop files
MFSA 2009-03 Local file stealing with SessionStore
MFSA 2009-02 XSS using a chrome XBL method and window.eval
MFSA 2009-01 Crashes with evidence of memory corruption (rv:1.9.0.6)

- http://secunia.com/advisories/33799/
Critical: Highly critical
Impact: Security Bypass, Cross Site Scripting, Exposure of system information, Exposure of sensitive information, System access
Where: From remote
Solution Status: Vendor Patch
Software: Mozilla Firefox 3.x...

- http://web.nvd.nist....d=CVE-2009-0352
- http://web.nvd.nist....d=CVE-2009-0353
- http://web.nvd.nist....d=CVE-2009-0354
- http://web.nvd.nist....d=CVE-2009-0355
- http://web.nvd.nist....d=CVE-2009-0356
- http://web.nvd.nist....d=CVE-2009-0357
- http://web.nvd.nist....d=CVE-2009-0358

:ph34r:

Edited by AplusWebMaster, 09 February 2009 - 11:28 AM.

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#14 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 04 March 2009 - 07:51 PM

FYI...

Firefox v3.0.7 released

From an admin account, start Firefox, then >Help >Check for Updates
-or-

Download Firefox v3.0.7
- http://www.mozilla.c...irefox/all.html

Fixed in Firefox 3.0.7
- http://www.mozilla.o...ml#firefox3.0.7
MFSA 2009-11 URL spoofing with invisible control characters
MFSA 2009-10 Upgrade PNG library to fix memory safety hazards
MFSA 2009-09 XML data theft via RDFXMLDataSource and cross-domain redirect
MFSA 2009-08 Mozilla Firefox XUL Linked Clones Double Free Vulnerability
MFSA 2009-07 Crashes with evidence of memory corruption (rv:1.9.0.7)

- http://nvd.nist.gov/...e=CVE-2009-0771
- http://nvd.nist.gov/...e=CVE-2009-0772
- http://nvd.nist.gov/...e=CVE-2009-0773
- http://nvd.nist.gov/...e=CVE-2009-0774
- http://nvd.nist.gov/...e=CVE-2009-0775
- http://nvd.nist.gov/...e=CVE-2009-0776

- http://secunia.com/advisories/34145/2/
Release Date: 2009-03-05
Critical: Highly critical
Impact: Security Bypass, Spoofing, Exposure of sensitive information, System access
Where: From remote
Solution Status: Vendor Patch
Software: Mozilla Firefox 3.x ...
Solution: Update to version 3.0.7 ...

:ph34r:

Edited by AplusWebMaster, 09 March 2009 - 03:12 PM.
Added Secunia advisory and CVE refs...

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#15 AplusWebMaster

AplusWebMaster

Authentic Member
10,472 posts

Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 28 March 2009 - 04:20 AM

FYI...

Firefox v3.0.8 released

From an admin account, start Firefox, then >Help >Check for Updates
-or-

Download Firefox v3.0.8
- http://www.mozilla.c...irefox/all.html

Fixed in Firefox 3.0.8
- http://www.mozilla.o...ml#firefox3.0.8
MFSA 2009-13 Arbitrary code execution through XUL <tree> element
MFSA 2009-12 XSL Transformation vulnerability

- http://secunia.com/advisories/34471/2/
Last Update: 2009-03-28
Critical: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch
Software: Mozilla Firefox 3.x ...
Solution: Update to version 3.0.8...

- http://nvd.nist.gov/...e=CVE-2009-1044
- http://nvd.nist.gov/...e=CVE-2009-1169

:ph34r:

Edited by AplusWebMaster, 31 March 2009 - 02:57 PM.
Added Secunia advisory and CVE links...

.The machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Body Background

skin color theme