__/ [cwdjrxyz] on Friday 03 February 2006 05:27 \__
> The Firefox 1.5 has a security update and becomes 188.8.131.52 after the
> update. If you did not customize the update feature after you installed
> 1.5, you likely will get an automatic update. In my case I got a screen
> today that said Firefox had downloaded the update. If you did not take
> it just then, you could cancel,and it then said it would update the
> next time you turned Firefox on. That is exactly what it did with no
> option to cancel the second time.
> If you wish to change the way Firefox updates, there are several
> options at tools tab > options > advanced. I was content with the
> automatic download and install.
This doesn't seem to be a crucial update
Firefox 184.108.40.206 is a stability and security update that is part of our
ongoing program to provide a safe Internet experience for our customers. We
recommend that all users upgrade to this latest version.
Here's what's new in Firefox 220.127.116.11:
* Improved stability.
* Improved support for Mac OS X.
* International Domain Name support for Iceland (.is) is now enabled.
* Fixes for several memory leaks.
* Several security enhancements.
MFSA 2006-08 "AnyName" entrainment and access control hazard
MFSA 2006-07 Read beyond buffer while parsing XML
MFSA 2006-06 Integer overflows in E4X, SVG and Canvas
MFSA 2006-05 Localstore.rdf XML injection through XULDocument.persist()
MFSA 2006-04 Memory corruption via QueryInterface on Location, Navigator
MFSA 2006-03 Long document title causes startup denial of Service
MFSA 2006-02 Changing postion:relative to static corrupts memory
I know MFSA 2006-03 quite well because its listing is rather amusing. If a
page contains a 4-million-character title string (which would take ages to
load), there is potential for buffer overflow and maybe a browser crash. I
think someone flagged it as a "critical" flaw at the time.