PDA

View Full Version : Security updates available for Firefox 4.0.1 and 3.6.17

lotuseclat79
April 29th, 2011, 12:09 PM
Firefox 3.6.17 (https://www.mozilla.com/en-US/firefox/all-older.html) download (International locales).

Firefox 4.0.1 (https://www.mozilla.com/en-US/firefox/all.html) download (International locales).

-- Tom
JRViejo
April 29th, 2011, 01:33 PM
FYI. Mozilla Firefox, Portable Edition 3.6.17 and 3.5.19 Legacy (web browser) Released (http://portableapps.com/news/2011-04-28_-_firefox_portable_3.6.17_released), courtesy of PortableApps.com.
ronjor
April 29th, 2011, 09:29 PM
-{ Quote: "Mozilla patches Firefox 4, fixes programming bungle
Closes eight holes in new browser, including ASLR oversight


By Gregg Keizer, Computerworld


Mozilla on Thursday patched Firefox 4 for the first time, fixing eight flaws, including a major programming oversight that left the browser as vulnerable to attack on Windows 7 as on the 10-year-old Windows XP.

The company also plugged 15 holes in the still-supported Firefox 3.6, and issued its last security update for Firefox 3, which debuted in mid-2008.

Mozilla patched a total of 20 bugs in all versions of Firefox, 17 of them rated "critical," the company's top-most threat warning in its four-step scoring system.

Firefox 4.0.1, the first update to that browser since its March 22 launch, fixed seven critical flaws and one rated "low."" }-http://www.networkworld.com/news/2011/042911-mozilla-patches-firefox-4-fixes.html
siljaline
April 30th, 2011, 03:40 AM
Vulnerabilities and fixes adressed in Firefox 4.0.1 (http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1)
lotuseclat79
April 30th, 2011, 07:58 AM
Note; Mozilla also fixed Thunderbird. See: Mozilla patches Firefox and Thunderbird (http://www.h-online.com/security/news/item/Mozilla-patches-Firefox-and-Thunderbird-1234784.html).

-- Tom
Escalader
April 30th, 2011, 09:40 AM
FWIW, I have updated my Windows 7 64 bit FF now to 4.0.1.

RANT BEGINS

What I find so frustrating is the seeming inability of all these SW providers to properly test their products before inflicting them on us users (me!) Then even after the "bug" is fixed according to THEM it reoccurs in later updates.

The vendors seem to have no-organizational ability to learn from their own errors and prevent them from reoccurring.

The bugs are10 years old in XP? Nobody noticed? How unacceptable is that?

IF they did do proper vulnerabilities testing, IMHO NONE of these vulnerabilities would exist EVER!

When INTEL bought McAfee ( what a choice) and I began to think that we may see os's and security software hosted in chips. I thought at 1st great the bad guys won't be able to mess with these things any more.

Now all I see with that is the buggy dumb error repeating vendor logic will get locked in chips and we will spend the next 10 years doing flash updates like for BIOS!

END of April Rant