 |
|
|
Mozilla has recently released its latest browser update, Firefox 3.05, which fixes several security issues and offers a few other changes, including a clearer way to communicate to users about their rights. There are eight security issues, three of them being rated “critical”, one rated “high” and one rated “moderate”. The other security issues are rated as “low.” The security fixes address cross-site scripting (XSS) vulnerabilities in SessionStore. This basically reloads Web pages that were open during a previous session. XSS flaws could allow JavaScript privilege escalation and crashes with memory corruption.
Furthermore, the update addresses several stability issues, too, and is now available for the Bengali, Esperanto, Galician, Hindi and Latvian languages. However, the most interesting change in Firefox 3.05 is that it does away with the End User License Agreement (EULA), replacing it with a “Know Your Rights” info bar that gets loaded when the browser is first installed. In order to display it, a user must type “about:rights” into the location bar. Even if this is not an important change for the many Firefox users who never bother to read legalese, the change addresses criticism from the free open source software community.
Mozilla also launched a patch for Firefox 2.0.0.19, but an error caused the company to omit one of the key components. Mozilla will release Firefox 2.0.0.20, which will include the omitted patch, as early as Friday and no later than Monday. Yesterday's update was supposed to be the last for Firefox 2.0, which is slated for retirement. Only the Windows version was affected by this mistake, as the Mac and Linux editions contain all 10 fixes.
© 2007 - 2009 - eFluxMedia
