Update

FireFox Rapid Release-Silent Updates

by certifiedbug on October 5, 2011

in Browser

http://blog.lizardwrangler.com/2011/10/03/rapid-release-follow-up/

Update Fatigue. In the past we have been very careful to make sure people know something is changing with their web browser before it changes. We did this to make sure people are aware and in control of what’s happening to their environment. Our position was to err on the side of user notification. Today people are telling us — loudly — that the notifications are irritating and that a silent update process is important. This work is underway. The first set of improvements should appear in the next Firefox release, with more improvements appearing in the next few months. Also, one main reason people are notified of updates is due to incompatible add-ons which will be addressed by the work on add-on compatibility. More details can be found in this blog post: http://www.brianbondy.com/blog/id/125/mozilla-firefox-and-silent-updates

{ 0 comments }

Firefox 6.0 on its way

by certifiedbug on August 15, 2011

in Browser

Tuesday will see the release of Firefox 6.0 eight weeks after the release of 5.0 and less than 5 months after the release of 4.0.

It’s all Google’s fault. Version 1 of Chrome released on December 11, 2008. Here we are, less than 1,000 days later, with version 13 as the stable release. Of course Mozilla is the descendant of Netscape which invented the idea of releasing products formally designated as beta, which Google extended to having some products never leave beta. Together the two have taken any meaning out of version numbers.

http://www.betanews.com/article/Network-admins-stunned-and-reeling-from-repeated-Firefox-upgrades/1313384777?

{ 0 comments }

Adobe Product Security Incident Response Team (PSIRT) Blog

Today, a Security Bulletin (APSB11-05) has been posted to address a critical security issue (CVE-2011-0609) in Adobe Flash Player, as referenced in Security Advisory Security Advisory APSA11-01. This Security Bulletin affects Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier versions for Chrome users) for Windows, Macintosh, Linux, and Solaris operating systems, and Adobe Flash Player 10.1.106.16 and earlier versions for Android. Adobe recommends users apply the updates for their product installations.

http://blogs.adobe.com/psirt/2011/03/security-update-available-for-adobe-flash-player-apsb11-05.html

{ 0 comments }

Thunderbird 3.1.8 Released

by certifiedbug on March 1, 2011

in Software

Thunderbird 3.1.8 provides several fixes to improve performance, stability and security.

MFSA 2011-09 Crash caused by corrupted JPEG image
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents
MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)

http://www.mozillamessaging.com/en-US/thunderbird/3.1.8/releasenotes/

http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.8

Update from within Thunderbird or download

{ 0 comments }

Firefox 3.6.14 Released

March 1, 2011

Firefox 3.6.14 fixes 10 security issues. Eight critical, one high and one moderate. MFSA 2011-10 CSRF risk with plugins and 307 redirects MFSA 2011-09 Crash caused by corrupted JPEG image MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents MFSA 2011-07 Memory corruption during text run construction (Windows) MFSA 2011-06 Use-after-free error using Web Workers [...]

Read the full article →

Firefox 3.6.13 Released

December 9, 2010

Firefox 3.6.13 fixes 11 security issues. Nine critical, one high and one moderate. MFSA 2010-84 XSS hazard in multiple character encodings MFSA 2010-83 Location bar SSL spoofing using network error page MFSA 2010-82 Incomplete fix for CVE-2010-0179 MFSA 2010-81 Integer overflow vulnerability in NewIdArray MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver MFSA 2010-79 Java security [...]

Read the full article →

Adobe critical update

November 18, 2010

Tuesday Adobe issued a Critical update to patch at least two security holes in its PDF Reader and Acrobat software. Release date: November 16, 2010 Vulnerability identifier: APSB10-28 CVE numbers: CVE-2010-3654, CVE-2010-4091 Platform: All Platforms In addition to addressing CVE-2010-3654 noted in Security Advisory APSA10-05 and CVE-2010-4091 referenced in the Adobe PSIRT blog (“Potential issue [...]

Read the full article →

Mozilla patches Zero-Day. Firefox 3.6.12, Thunderbird 3.1.6 Released

October 28, 2010

Firefox 3.6.12 fixes a critical security issue that could potentially allow remote code execution. Thunderbird 3.1.6 fixes a critical security issue that could potentially allow remote code execution. This issue does not affect email or newsgroups but could be triggered through browser-like features or add-ons. Mozilla Foundation Security Advisories > MFSA 2010-73 Title: Heap buffer [...]

Read the full article →

Thunderbird 3.1.5 released

October 20, 2010

* Several fixes to improve performance, stability and security. MFSA 2010-72 Insecure Diffie-Hellman key exchange MFSA 2010-71 Unsafe library loading vulnerabilities MFSA 2010-70 SSL wildcard certificate matching IP addresses MFSA 2010-69 Cross-site information disclosure via modal calls MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter MFSA 2010-66 Use-after-free error in nsBarProp MFSA 2010-65 Buffer overflow and [...]

Read the full article →

Firefox 3.6.11 Released

October 20, 2010

Firefox 3.6.11 fixes several security and stability issues. http://www.mozilla.com/en-US/firefox/3.6.11/releasenotes/ MFSA 2010-72 Insecure Diffie-Hellman key exchange MFSA 2010-71 Unsafe library loading vulnerabilities MFSA 2010-70 SSL wildcard certificate matching IP addresses MFSA 2010-69 Cross-site information disclosure via modal calls MFSA 2010-68 XSS in gopher parser when parsing hrefs MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter MFSA 2010-66 [...]

Read the full article →