Firefox 2 News Archive and Update History
If you are already running Firefox, you can check your version by starting the browser on your system, tapping on the Alt-key once it is open, and selecting Help > About Firefox from the menu.
Firefox 2 News
Firefox 2.0 announcement
The Mozilla team finally uploaded version 2.0 final of Firefox to the main ftp server. It may take up to 24 hours, sometimes even more, before it is announced on the website as well. So, expect an announcement today or tomorrow. As always, you heard it here first.
If you want to be one of the first to download the new final version I suggest you do so with the links for: Windows or Mac / Linux.
The ftp may be really busy at the moment because the link will surely make its round on the Internet pretty fast. The version itself should not be that different to the release candidate 3 which was released just a few days ago.
The following changes are listed on the release notes page:
- Visual Refresh
- Advanced search
- Improved tabbed browsing
- Session Restore
- RSS feed subscriptions
- Inline spell checking
- Live titles
- Improved add-ons manager
- Extended search plugin format
- Extension system updates
- Client-side session and persistent storage
Some users who are experiencing bugs or are concerned about security may want to install the update as soon as it is available though so that they can fix bugs, improve stability or fix security issues that the update fixes.
The following link is to an ftp site that offers Firefox 2.0.1 for all supported operating systems and languages.
If you want to be fast go get it know, otherwise wait one more day and get it the regular way. If you are interested about the fixes in this version check out the mozillazine website which lists more than 150 fixes in Firefox 2.0.1. Of note are 42 bugs that crashed Firefox, 3 memory leaks and 4 privacy related bugs that have all been fixed in this release.
The release notes state that the developers fixed seven security issues. Other improvements include Windows Vista support and the addition of several new languages.
One critical security issue has been fixed, the other ones were high (1), moderate (3) and low (2). Just make sure you update as soon as possible and everything should be sorted out fine.
The languages that have been added are Afrikaans, Belorussian, Georgian and Kurdish. They are currently in beta phase and not available from the main Firefox download page.
What's new in Firefox 184.108.40.206
- Security updates were released.
- Support for Microsoft's Windows Vista was supported.
- Several languages have been added as beta releases.
- Fixed permission bugs in the German locale.
Firefox 220.127.116.11 resolves one security vulnerability in the web browser.
A malicious web page hosted on a specially-coded FTP server could use this feature to perform a rudimentary port-scan of machines inside the firewall of the victim. By itself this causes no harm, but information about an internal network may be useful to an attacker should there be other vulnerabilities present on the network.
Three critical, two high, one moderate and two low security vulnerabilities have been fixed in this release making it a must have update for every Firefox user.
If you happen to download the new Firefox release from the official website you should be aware that you download the full version which overwrites the previous version of Firefox if installed in the same directory. All of my installed extensions are compatible with the new release and I suppose that only a few will not work initially with this release. Below is the list of fixes in this release.
MFSA 2007-25 XPCNativeWrapper pollution
MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-21 Privilege escallation using an event handler attached to an element not in the document
MFSA 2007-20 Frame spoofing while window is loading
MFSA 2007-19 XSS using addEventListener and setTimeout
MFSA 2007-18 Crashes with evidence of memory corruption
This version fixes the QuickTime Vulnerability which was discovered earlier on and it is recommended that Firefox gets updated as soon as possible. As usual Firefox has been updated for all supported operating systems and all localized versions are available as of now as well.
A new version of Firefox has been released today. It is already available on the official Mozilla website and through the update check in Firefox itself. Two critical, five moderate and two low security vulnerabilities have been fixed in the new version which makes it a recommended update for all Firefox users.
Am I the only one thinking that the rate of Firefox updates has increased in the last months? The new version of Firefox corrects several bugs that emerged for some users after upgrading to Firefox 18.104.22.168. The update to the new version is therefor mainly an stability update.
It fixes five bugs that have been bothering some users since the update. This includes a fix for Windows Vista users of Firefox who received Java not found or Java not working errors after the upgrade and the problem that add-ons were disabled after upgrading to the new version of Firefox.
Several websites are already reporting the release of the final Firefox 22.214.171.124 version. The update fixes the following security issues.
The Mozilla Firefox team has released Firefox 126.96.36.199 just two days ago but a bug discovered after the release prompted them to take immediate action. The bug is affecting an important HTML element interface which makes some extensions and websites unusable with that version of Firefox.
The new Firefox version got rid of that bug and is currently distributed to all primary and secondary mirror sites.
Version 188.8.131.52 is labeled as a security and stability update which means you will not see new features in this release.
The following security issues were fixed:
MFSA 2008-19 XUL popup spoofing variant (cross-tab popups)
MFSA 2008-18 Java socket connection to any local port via LiveConnect
MFSA 2008-17 Privacy issue with SSL Client Authentication
MFSA 2008-16 HTTP Referrer spoofing with malformed URLs
MFSA 2008-15 Crashes with evidence of memory corruption (rv:184.108.40.206)
I suggest you update your version of Firefox 2 as soon as possible, users of Firefox 3 seem safe for now and do not have to do anything. The same issue will also be fixed in upcoming releases of Thunderbird and Seamonkey which are not yet available for download.
The update is a security and stability update which should be available right now from the official download page.
That page is unfortunately down at the moment as are the release notes for that new version. Not exactly sure what's going on currently because the main pages and the developer news website with the announcement is reachable. The update can also be installed by checking for updates in Firefox 2. This can be done in the HELP menu.
The website is working again. The direct download link and the release notes are now accessible. The update fixed four critical, four high, 2 moderate and 2 low security vulnerabilities. Make sure to update asap.
The following security issues were fixed in Firefox 220.127.116.11:
- Crash and remote code execution in block reflow
- Remote site run as local file via Windows URL shortcut
- Peer-trusted certs can use alt names to spoof
- File location URL in directory listings not escaped properly
- Faulty .properties file results in uninitialized memory being used
- Arbitrary socket connections with Java LiveConnect on Mac OS X
- Arbitrary file upload via originalTarget and DOM Range
- Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
- Chrome script loading from fastload file
- Signed JAR tampering
- Crashes with evidence of memory corruption (rv:18.104.22.168)
The update is a security update that fixes two critical security vulnerabilities that allow remote code execution and the opening of multiple tabs if Firefox is not running. Take a look at the Mozilla Foundation Security Advisory articles here and here if you want to read up on the vulnerabilities.Advertisement