Forgot your password?
typodupeerror

Mozilla Firefox 1.5.0.3 Released 250

Posted by CmdrTaco
from the get-your-patch-on dept.
Mini-Geek writes "Mozilla Firefox 1.5.0.3 has been released. As with previous 1.5.0.x patches, 1.5.0.3 can be downloaded as a small, incremental download. From the article: 'This update fixes a publicly disclosed denial of service weakness. All users are encouraged to upgrade to this version. The bugfixes previously planned for Firefox 1.5.0.3 were shifted to 1.5.0.4, and a quick update was released shortly after the recent to address the publicly reported issue.'"
This discussion has been archived. No new comments can be posted.

Mozilla Firefox 1.5.0.3 Released

Comments Filter:
  • Ooooo... (Score:4, Funny)

    by heybiff (519445) on Wednesday May 03, 2006 @09:10AM (#15253149) Homepage
    I can't wait to see what passage we will have from the Book of Mozilla.

    The readings are always so inspiring and applicable to our modern lives.

    Heybiff
    • I can't wait to see what passage we will have from the Book of Mozilla.
      Maybe I'm missing a joke, but the Book of Mozilla passage doesn't change with every release. I don't think it has changed in the last several releases, but maybe I'm wrong.
      • Re:Ooooo... (Score:5, Informative)

        by AKAImBatman (238306) * <akaimbatman@g[ ]l.com ['mai' in gap]> on Wednesday May 03, 2006 @09:45AM (#15253409) Homepage Journal
        The book of Mozilla has changed for each product released. There's a Wikipedia page that gives the history here [wikipedia.org]. An official page containing all the passages to date can be found here [mozilla.org]. And in case you're too lazy to click, here they are by browser:

        Netscape:
        And the beast shall come forth surrounded by a roiling cloud of vengeance. The house of the unbelievers shall be razed and they shall be scorched to the earth. Their tags shall blink until the end of days.

        from The Book of Mozilla, 12:10


        Mozilla:
        And the beast shall be made legion. Its numbers shall be increased a thousand thousand fold. The din of a million keyboards like unto a great storm shall cover the earth, and the followers of Mammon shall tremble.

        from The Book of Mozilla, 3:31
        (Red Letter Edition)


        Firefox:
        And so at last the beast fell and the unbelievers rejoiced. But all was not lost, for from the ash rose a great bird. The bird gazed down upon the unbelievers and cast fire and thunder upon them. For the beast had been reborn with its strength renewed, and the followers of Mammon cowered in horror.

        from The Book of Mozilla, 7:15
    • And so at last the beast fell and the unbelievers rejoiced. But all was not lost, for from the ash rose a great bird. The bird gazed down upon the unbelievers and cast fire and thunder upon them. For the beast had been reborn with its strength renewed, and the followers of Mammon cowered in horror.

      from The Book of Mozilla, 7:15


      Straight from 1.5.0.3 :P
  • by scott_evil (266713) <.moc.liamg. .ta. .hcaocrepus.eht.> on Wednesday May 03, 2006 @09:10AM (#15253151)
    Gotta love the small update size. More software should work this way and instead of giving us everything each time, just give the changes. Well... more windows software needs to do it, other platforms seem to manage it ok.
    • by MikeFM (12491) on Wednesday May 03, 2006 @09:32AM (#15253327) Homepage Journal
      It's definately a role model that other software venders could learn from. For friends and family that I used to have to babysit their browser updates now all I have to do is let Firefox do it's thing. Seems to work well in Thunderbird too. It really does make it a lot easier for non-technical people to keep up-to-date and truth be told it makes it easier for a geek boy like me too.

      The only other Windows program I have that seems to work as well is Azureus which is also opensource.
    • I ran "Check for updates" in 1.5.0.1/win and it has chosen to download 6.1MB (even if .1->.3 is not available, FF could have downloaded incremental .2 version first...)

    • Aren't MS hotfixes usually pretty small? Service packs are big because they contain so many changes. It is difficult to "diff" a binary and it only works if you have a specific version of a binary installed (which most systems don't). And on Linux, you almost always have to download full packages to update. I would say it is linux that has this "problem," not Windows.

      -matthew
    • No doubt I'll get flamed for this, but...

      I hate the fact that the default Firefox update settings FORCE me to install the update once it's been downloaded. I may want to purposely test code on an older version of FF, or I may know that it breaks an extension and not want to install it. Whatsmore, there's actually no setting that lets you actually tell FF to check for updates, but not force you to install them once downloaded. Which is retarded.

      And they're even planning on making this happen invisibly, wi
  • A denial of service attack? On a browser?

    I thought that was just called a "crash."
    • The linked page describes the bug as a crash also. I think its one of those 'the use of your browser service could be disrupted for 10 seconds while Firefox restarts' sort of DOS attacks.

  • Incremental patch? (Score:4, Interesting)

    by VincenzoRomano (881055) on Wednesday May 03, 2006 @09:20AM (#15253219) Homepage Journal
    I've not found any technical details about the "incremental update" mechanism.
    One would wonder how can this be accomplished with binary distributions (like DEB and RPM.) DLLs?
    For the sources it means that the original complete source code is already available!
    Maybe it is just a download manager a-la Acrobat Reader (for Windows).
    • by Anonymous Coward
    • I don't know how it works but it's b0rken. It's the second time already that i've been forced to uninstall FF and reinstall it, because after updating it was stuck in an endless loop and complaining that some resources were locked. Rebooting, removing the extension folder, checking for any open handles leading to firefox did not help. Coupling this with the general slowness and unresponsiveness and crash-prone-ness of FF, I've switched to Opera and I have no regrets. Heck, even a beta (an Opera one, I mean)
      • Well, it sounds like your install of Firefox got b0rked, at least. The Firefox Standard Diagnostic [mozillazine.org] should fix most of your problems.
        • Right, it should, however it doesn't. Actually... their last suggestion is to wipe FF and reinstall it (duh) and even then, a fresh installation of FF with a grand total of 3-4 extensions fails to update.
          The system has just booted. No firefox process has been started. The first thing to come up is the update dialog. THIS is the only thing that can have an open handle on firefox and therefore the updating mechanism must be locking itself. It would help if it lasted for more than half a second or left a log
          • Right, it should, however it doesn't. Actually... their last suggestion is to wipe FF and reinstall it (duh) and even then, a fresh installation of FF with a grand total of 3-4 extensions fails to update.


            Try without any extensions, maybe one of them is causing trouble.

            I have four extensions and the auto update worked fine:
            Adblock Plus 0.7
            NoScript 1.1.4
            FasterFox 1.0.3
            Slashdotter 1.5
          • Did you try creating a new profile and not installing any extensions?
            • Yes, I did. I don't usually give up troubleshooting easily :D Anyway it's been "fixed" by reinstalling and disabling updates (meh) because my "final" switch to Opera was not so final after all. But thanks for the suggestion!
    • by mlefevre (67954) on Wednesday May 03, 2006 @10:22AM (#15253658) Homepage
      Because the downloaded file contains the differences between the binaries, and the updater leaves the rest of the binary file as it was.

      See http://wiki.mozilla.org/Software_Update:MAR [mozilla.org] and http://www.daemonology.net/bsdiff/ [daemonology.net] for more.
    • So, finally, "incremental downloads" should actually be binary patches, as seen long long ago with Quartedeck's QEMM-386 [wikipedia.org].
      Under opensource environment this is really hard to do because of the large number of choices users have to build their own binaries.
      How is the binary patcher supposed to identify the correct place in my binary to insert the patch?
      Or is The MF willing to provide their own binary distribution?
      I fear that the "incremental download" feature is doomed to die soon!
      • On Windows and Mac, most users are likely using the binaries provided by Mozilla, and so the binary diff should work fine. Linux I imagine less are, since many distributions might provide slightly different builds for their environment. In these cases, the distribution should provide an updated version through their normal update channels.
      • As others have pointed out, Mozilla does provide their own binary distributions of Firefox for Windows, Mac and Linux. The vast majority of Firefox users are probably on Windows, which means incremental binary patches are a godsend in terms of time, bandwidth, and getting the masses to install security fixes.

        With Linux, it depends entirely on whether you're using the Mozilla binary or your Linux distro's binary. If you want to run beta versions of Firefox, or if you want to keep current beyond what your d
    • 1.5.0.3 just finished compiling, thank you. Gentoo user, obviously.

      But as others in this subthread have also said, binary patching is practically useless for Linux. Even if most non-Gentoo users don't compile their own packages, the binaries are usually built by the distribution, not simply accepted from Mozilla.

      So as a f'rinstance, /usr/lib/mozilla-firefox contains firefox-bin, 10 .so's, and a whole raft of other components. WIBNI the build process itself could be incremental, kind of like 'make' has been
  • by Rob T Firefly (844560) on Wednesday May 03, 2006 @09:20AM (#15253221) Homepage Journal
    All users are encouraged to upgrade to this version.

    Shouldn't we just take this for granted by now? You never really see a vendor come out with a new version of something that some users are discouraged from upgrading to.

    "Here everyone, have some bug fixes and optimizations... but not that one guy, or you people over there, or that lady with the sideburns.."

    • All users are encouraged to upgrade to this version.
      Shouldn't we just take this for granted by now?
      Well, if the upgrade only added a feature that is useful to a very small segment of the user base, all users wouldn't be encouraged to upgrade, only those needing/wanting the new feature.
    • Re:Encouragement! (Score:3, Informative)

      by rakjr (18074)
      Not 100% correct. Micro$oft frequently has patches which state, 'only use this patch if you are suffering from the following computing affliction.' Ok, not that exactly, but it is just a variation on, 'if it is not broken, do not minor patch it.'
  • by hsmith (818216) on Wednesday May 03, 2006 @09:20AM (#15253225)
    The javascript console bug has an annoying ass problem of spewing out tons of debug information for CSS errors, which no one cares about because you have to do so many hacks to get styles to look right in all browsers. Console2 was to fix this, but it hasn't been worked on in forever and isn't compatable with 1.5.X. 100 CSS errors every time you load a page gets annoying when you are searching for a few JS errors
  • A question, which is off topic, but not entirely:
    Does anyone else have the problem that occurs sometimes when everything you type into the browser, every single character goes into the form, but it also pops up the "search" functionality and puts the character in there. It also loses focus, so you have to reclick back into the form field, and type the next character.
    I have no idea what causes it, but I have to close my browser, and restart it.
    If you don't know what I'm talking about you don't have it.
  • by CritterNYC (190163) on Wednesday May 03, 2006 @11:07AM (#15254021) Homepage
    For the portable folks, I updated Portable Firefox 1.5.0.3 to the new release as well:
    http://portableapps.com/apps/internet/browsers/por table_firefox [portableapps.com]

    Also added in a few new features in the recent releases:
    • Split Apps/Data directories for easy backups
    • Local homepages (for users of TiddlyWiki, etc)
    • Self-extracting packages (easy install, only 4.8MB download)
    • Few bug fixes
  • Sometimes when I open a JPG file or an html with lot of jpegs (or one BIG jpg), the browsing gets very slow, and everytime i move the mouse around, it jitters and kinda freezes.

    Has it happened to anyone of you guys?
  • by kwalker (1383) on Wednesday May 03, 2006 @12:37PM (#15254804) Journal
    This is sorta off topic, but relavant because of the new update.

    Where I work, I've been pushing hard to get the company to use Firefox instead of IE. I've got most people using it every day. However these are normal office workers, they don't click on the update icon (They don't even wonder about it), and I find that they're running an older version. Does anyone know of a way to add the update to a login script, so it is silently installed when they login? I've googled around, and maybe I'm not using the right search phrases, but I'm not finding anything useful. I'm even willing to download a whole new .exe file for 1.5.0.3 if I can figure out a way to have that auto-installed on the 35 machines here.
  • by brunes69 (86786) <slashdot@kei[ ]ead.org ['rst' in gap]> on Wednesday May 03, 2006 @02:22PM (#15255747) Homepage
    There is no such thing as a "denial of service" attack in a web browser. At worst it causes a crash, and potentially makes you lose unsaved data on some web forms.

    If we're calling anything that locks your browser a DOS now, then how come this bug [nyud.net], which is over 3 years old and seems dead simple to fix, is not? I can make a browser DOS on any web page I want:

    <script>
    while(true) alert('Boom!');
    </script>

    Such a piece of code does not trigger the "script is taking a long time" message because it fires alerts. And the alerts are content-modal so you can't do *anything* to close the browser or tab causing the alerts. You have to kill it off.

    No different from the "denial of service" bug mentioned in this posting.

  • I noticed some odd behavior after this update. Some pages had missing images. Clearing my cache fixed it. Not sure if it's the browser or a actual problem with the web sites. I only noticed a problem AFTER the update installed in the background AND went to the page. After restarting, I cleared cache and it's updated. One thing I wish would happen is that Linux distros would give us the choice of updating via the Firefox way or the Linux way (apt, yum or whatever).

This is an unauthorized cybernetic announcement.

Working...