Firefox Update Kills Bugs, Adds Mac Support 232
Juha-Matti Laurio writes "Several vulnerabilities are fixed in version Firefox 1.5.0.2, which was released on Thursday. In addition to security patches Firefox now includes some stability enhancements and, as expected, includes native support for Apple Computer's Macs with Intel processors. Secunia has a detailed advisory about vulnerabilities fixed with this release."
Re:It still leaks! (Score:5, Insightful)
Re:It still leaks! (Score:1, Insightful)
Re:It still leaks! (Score:3, Insightful)
What platform are you on?
What version of Firefox are you running?
What extensions to you have enabled?
What types of things are you doing when you notice the memory increasing?
Are you legitimately using more memory or is it actually a leak?
C'mon, man, give us something useful.
Re:"Fixes some security issues"? (Score:2, Insightful)
How does a browser that doesn't even run activex GET arbitary code exploits???
Re:"Fixes some security issues"? (Score:2, Insightful)
Next you'll be telling us that any bug in Windows is merely "serious", not "critical", as the DoD isn't running Windows on the systems used to control nuclear weapons launching, and that "critical" is too strong a word to describe anything that couldn't possible result in the annihilation of all life on the planet.
While we're at it, why not redefine "bug" as "a flaw in software that will literally kill the user" and claim that Firefox is completely bug-free?
Re:"Fixes some security issues"? (Score:3, Insightful)
Take a close look at the techniques used, and it's no wonder those "criminal cracker gangs" we keep hearing about have no apparent problem coming up with fresh 0-day exploits to sell if they are applying something like this. The only defence against this is going to be that you ship robust code that you can guarantee will handle any malformed data gracefully from day #1. That's going to take some getting used to in places like Redmond, WA where the "if it compiles, ship it" approach seems to have been the standard for so long.
Annoying update message (Score:5, Insightful)
I have firefox set to inform me that theres an update.
In my eyes that update check should only occur when I open a window, NOT when I'm in the middle of typing.
I saw a flash of something whilst I was typing and realised I had inadvertantly accepted a popup box.
I want to set Firefox to inform me of updates, but make sure it only does that when opening a new window or tab (so it knows I'm not actively typing).
Re:It is nice (Score:3, Insightful)
The default button is still focused and easy to accept.
If it only displayed this update message upon startup/New tab/window then I wouldn't have a problem, but if it detects an update mid session then it pops up then taking away focus.
I personally prefered the update throbber in the top right.
Re:"Fixes some security issues"? (Score:2, Insightful)
Re:spellcheker pleeze! (Score:1, Insightful)
Hold on there (Score:5, Insightful)
Be careful with this line of reasoning. All along there's been this mantra of "Firefox is inherently more secure, and would be even if it were the dominant browser" spouted continuously. Well, I happen think the GP makes a great point about this, and your reasoning seems to fly in the face of the mantra. Don't get me wrong--I'm one of these said spouters--but I'm honestly feeling more than a bit hypocritical at this moment. These are some damn serious issues, and it's not just a handful.
Now, I suspect the reason for this is that the Firefox community as a whole (users and developers) are far more pre-disposed to actually finding and publicly disclosing such bugs. My guess is that we really only see the tip of the IE iceberg in terms of security.
However, we still can't have it both ways; these are indeed very critical bugs, and to dismiss them otherwise may seem beneficial, but it's actually a great disservice.
Re:It still leaks! (Score:4, Insightful)
Who cares?
Seeing as that memory is now lost and unusable you **should** care. It is a sign of sloppy design anyways and the other two (Opera and IE) don't seem to have problems with memory leaks...
LEAKS ARE NOT A FEATURE! (Score:1, Insightful)
THEY ARE LIEING.
Everyone needs to understand that. They are lieing.
Opera has a far superior memory cache feature for going forward and backward. Yet it doesn't leak up to 1GB of memory in a day's worth of use.
The Firefox memory leaks are a BUG, and not caused by any feature (other than poor memory management). They're caused by poor design and sloppy coding, period.
Re:colgroup bug still exists (Score:3, Insightful)
It might seem like a fix is simple, but when you have a really large codebase and millions of web pages doing strange things, it's very easy for a "simple fix" to significantly change rendering results. Sure, in this case you personally would like the change, but imagine if you had a corporate intranet which for some reason depended on that specific alignment being unsupported. You distribute the security update, and suddenly it looks wrong. You'd be flaming the Mozilla Foundation for changing non-critical things in a minor point release.
That's why old branches are supported (i.e. Firefox 1.0.x) long after a new release is available - people don't want to have to worry about non-critical changes breaking things for point releases.
Re:FF configuration to reclaim leaked memory (Score:5, Insightful)
Re:It is nice (Score:2, Insightful)
Re:Annoying update message (Score:3, Insightful)
Accurate firefox usage information (Score:2, Insightful)
Acting Like Spyware (Score:2, Insightful)
This is bad protocol. Many (and I mean MANY) 3rd party nightmares identify themselves as proper patches for trusted titles. Firefox's update looked exactly like several of them. It's IMPORTANT TO CLARIFY WHO YOU ARE AND WHAT YOU'RE DOING. This could be resolved in any number of convenient, non-frightening, ways (All of them, too obvious to list).
It would be of tremendous value to the more paranoid side of geekdom if Mozilla/Firefox also forced release notes to load at the time of notification of an update. It took me more than 4 hours to give in and run a complete system backup to dvd... all because my browser wanted a restart.