The Conservative Cave
The Help Desk => Computer Related Discussions & Questions => Topic started by: Wretched Excess on April 17, 2008, 11:54:34 AM
-
Latest Firefox update (2.0.0.13) causes crashes, possible hole
While there is no evidence of an exploit as of yet, Mozilla is taking a proactive measure to fix the issue before it could be.
A problem with stability which resulted in crashes and evidence of memory corruption was remedied in Firefox 2.0.0.13, however apparently the fix did not completely close any holes.
In fact, it seems as if it introduced new stability issues, where crashes occurred during JavaScript garbage collection. That feature allows a developer to reclaim the memory occupied by strings, objects, arrays, and functions that are no longer in use.
"We have no demonstration that this particular crash is exploitable but are issuing this advisory because some crashes of this type have been shown to be exploitable in the past," Mozilla said in an advisory.
Thunderbird is also affected, however JavaScript needs to be enabled. By default, this is not, and Mozilla said it discourages users from running scripts within mail.
JavaScript garbage collection problems have cropped up in the past. In February 2006, Mozilla addressed several issues within Firefox 1.5 which also posed a memory corruption and arbitrary code risks.
linky (http://www.betanews.com/article/Latest_Firefox_update_causes_crashes_possible_hole/1208442989)
heads up, FF users. I stuck with 2.0.0.11, and do have periodic java issues.
-
I no more posted that link than mozilla tried to push 2.0.0.14 to my desktop. I'll d/l it later tonight.
the link to d/l 2.0.0.14 is here (http://developer.mozilla.org/devnews/index.php/2008/04/16/firefox-20014-security-and-stability-update-now-available-for-download/)
-
Oh damn.
And it was just three hours ago that I downloaded an update on firefox.
-
Oh damn.
And it was just three hours ago that I downloaded an update on firefox.
click on Help --> About Mozilla Firefox
you may have gotten the "fixed" update.
-
Okay, will do.
later: it says 2.0.0.14.
still later: I went to your link about deleting, but it doesn't show anything about deleting.
-
Okay, will do.
later: it says 2.0.0.14.
then you're cool, frank. or as cool as mozilla can make you right now, anyway. you must have gotten in just
under the wire. :wink:
-
Okay, will do.
later: it says 2.0.0.14.
then you're cool, frank. or as cool as mozilla can make you right now, anyway. you must have gotten in just
under the wire. :wink:
Okay, I'm back to being copacetic. Thanks.
-
Okay, will do.
later: it says 2.0.0.14.
then you're cool, frank. or as cool as mozilla can make you right now, anyway. you must have gotten in just
under the wire. :wink:
Okay, I'm back to being copacetic. Thanks.
you were a copacetic guy before. you were just a copacetic guy with a
potentially unstable browser. :-)
-
I went straight to .14 also
-
I guess running the No Script Add-On to Firefox stopped me having any problems? :tinfoil: