Firefox 2.0.0.2 has been released

Discussion of Firefox browser and its add-ons.

Moderator: EasyList authors

Post Reply
User avatar
The Masked Marauder
Emeritus Contributor
Emeritus Contributor
Posts: 131
Joined: Sat Apr 08, 2006 5:21 pm
Reputation: 0
Location: Raleigh, NC

Firefox 2.0.0.2 has been released

Post by The Masked Marauder » Fri Feb 23, 2007 3:14 pm

Mozilla Firefox 2.0.0.2 is now available. Here are the download sites (it isn't on the web site yet, as of Friday, February 23 at 10 AM):

U.S. English, Windows version
http://www.mozilla.com/products/downloa ... lang=en-US

Other languages & operating systems
ftp://ftp.mozilla.org/pub/mozilla.org/f ... s/2.0.0.2/

Once you get into the directory, pick your operating system and then your language to get to the appropriate installer.
"A doctor can bury his mistakes, but an architect can only advise his clients to plant vines."
- Frank Lloyd Wright

User avatar
rick752
Honorary Member
Honorary Member
Posts: 4508
Joined: Fri Dec 30, 2005 1:02 am
Reputation: 0
Location: New York, USA

Post by rick752 » Mon Feb 26, 2007 1:32 am

Got it MM ... all seems well so far. Thanx :)
"Experience is something you don't get until just after you need it"

IceDogg
Contributor
Contributor
Posts: 580
Joined: Tue Mar 21, 2006 9:50 pm
Reputation: 0

Post by IceDogg » Mon Feb 26, 2007 6:25 am

Yea, I'm using this now. I think I'm going to give up nightlys for a while like I did last time when lots of things were going on. I'll let it settle down some then I'll use them as they get closer to completion.

What is amazing is how fast 2.0.0.2 is and that the nightlys are even faster.. and you would think they will get even better as they trim the code and work out memory issues.

User avatar
The Masked Marauder
Emeritus Contributor
Emeritus Contributor
Posts: 131
Joined: Sat Apr 08, 2006 5:21 pm
Reputation: 0
Location: Raleigh, NC

Post by The Masked Marauder » Mon Feb 26, 2007 7:52 pm

Here are the things that got fixed in Firefox 2.0.0.2:

Critical
* onUnload + document.write() memory corruption
* Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)

High
* Embedded nulls in location.hostname confuse same-domain checks

Moderate
* Mozilla Network Security Services (NSS) SSLv2 buffer overflow
* XSS and local file access by opening blocked popups
* Information disclosure through cache collisions

Low
* Spoofing using custom cursor and CSS3 hotspot
* Improvements to help protect against Cross-Site Scripting attacks

More details:

Firefox fix lances memory corruption bug
http://www.theregister.com/2007/02/26/firefox_update/

IceDogg
Contributor
Contributor
Posts: 580
Joined: Tue Mar 21, 2006 9:50 pm
Reputation: 0

Post by IceDogg » Mon Feb 26, 2007 8:23 pm

Here is a more complete list of changes, not for those that don't want to know the details and/or read a lot. I counted (roughly) 148 bug fixes listed.

TonyW
Site Member
Site Member
Posts: 15
Joined: Fri Mar 02, 2007 12:28 am
Reputation: 0
Location: UK

Post by TonyW » Fri Mar 02, 2007 2:52 pm

I dunno whether it's to do with this release, but ever since I updated I'm seeing more certificate alerts than before. I hardly ever saw any previously, and on sites I visit regularly, the screen pops up and I click to allow for this session. A good example is anything to do with mozilla.org.

TonyW
Site Member
Site Member
Posts: 15
Joined: Fri Mar 02, 2007 12:28 am
Reputation: 0
Location: UK

Post by TonyW » Tue Mar 06, 2007 4:13 pm

No-one experienced this issue then?

User avatar
rick752
Honorary Member
Honorary Member
Posts: 4508
Joined: Fri Dec 30, 2005 1:02 am
Reputation: 0
Location: New York, USA

Post by rick752 » Tue Mar 06, 2007 4:23 pm

No, not at all, Tony.
Is it just that 'first-time' alert that you haven't told yet, "Don't alert me again"?

AMO is a secure site and will pop up an alert to tell you about that if you haven't disabled that popup yet.
"Experience is something you don't get until just after you need it"

TonyW
Site Member
Site Member
Posts: 15
Joined: Fri Mar 02, 2007 12:28 am
Reputation: 0
Location: UK

Post by TonyW » Wed Mar 07, 2007 4:54 pm

To best illustrate this, I went to http://www.mozilla.com and clicked on the link for Firefox Add-ons (https://addons.mozilla.org). This is when I get the attached alert. Obviously, if I allow for "this session", I don't get this alert again till another time.

My point is that prior to this release of Firefox, i.e. v2.0.0.2, I don't recall seeing such pop-ups.
Attachments
unknownauth.jpg
screenshot of popup showing website certified by unknown authority
unknownauth.jpg (15.78 KiB) Viewed 11049 times

User avatar
rick752
Honorary Member
Honorary Member
Posts: 4508
Joined: Fri Dec 30, 2005 1:02 am
Reputation: 0
Location: New York, USA

Post by rick752 » Wed Mar 07, 2007 5:29 pm

Tools ... options .... security.

Turn off the "forgery" settings.
"Experience is something you don't get until just after you need it"

TonyW
Site Member
Site Member
Posts: 15
Joined: Fri Mar 02, 2007 12:28 am
Reputation: 0
Location: UK

Post by TonyW » Wed Mar 07, 2007 6:38 pm

You don't mean turn off the anti-phishing element surely?

User avatar
rick752
Honorary Member
Honorary Member
Posts: 4508
Joined: Fri Dec 30, 2005 1:02 am
Reputation: 0
Location: New York, USA

Post by rick752 » Wed Mar 07, 2007 6:50 pm

TonyW wrote:You don't mean turn off the anti-phishing element surely?
Just trying to check for reasons why it's doing that to you. It doesn't do that here and I don't seem to be able to reproduce it.
"Experience is something you don't get until just after you need it"

TonyW
Site Member
Site Member
Posts: 15
Joined: Fri Mar 02, 2007 12:28 am
Reputation: 0
Location: UK

Post by TonyW » Wed Mar 07, 2007 6:53 pm

This appears to have been a problem in nightly builds:

http://forums.mozillazine.org/viewtopic ... b514370866

To which patches were deployed:

https://bugzilla.mozilla.org/show_bug.cgi?id=362980

However, it seems I'm not the only one to suffer this problem still.

TonyW
Site Member
Site Member
Posts: 15
Joined: Fri Mar 02, 2007 12:28 am
Reputation: 0
Location: UK

Post by TonyW » Wed Mar 07, 2007 8:05 pm

Further to my last post, I took the step of uninstalling Firefox completely and re-installing it.

At the moment, that seems to have cured the problem, but I can't verify till I've done a bit more surfing.

All I know is that when I went to mozilla.com and the Add-ons link as described above, no certificate dialog box appeared, but the usual encryption alert box came up as transferring from unencrypted to encrypted.

TonyW
Site Member
Site Member
Posts: 15
Joined: Fri Mar 02, 2007 12:28 am
Reputation: 0
Location: UK

Post by TonyW » Wed Mar 07, 2007 11:44 pm

TonyW wrote: At the moment, that seems to have cured the problem, but I can't verify till I've done a bit more surfing.
Just to confirm things are fine now. :)

How strange, must have been something wrong with previous installation.

User avatar
rick752
Honorary Member
Honorary Member
Posts: 4508
Joined: Fri Dec 30, 2005 1:02 am
Reputation: 0
Location: New York, USA

Post by rick752 » Wed Mar 07, 2007 11:53 pm

I'm glad that everything is OK now Tony.

On a personal note, I do not like running 'partial' upgrades to my Mozilla software (personally, I don't like running 'upgrades' for pretty much ANY software). I always feel much better using the full version for a new upgrade.

I always do an uninstall/reinstall of the Mozilla program(s) when a new release comes out (doesn't affect any of your own settings at all). It may take a little longer to do, but I have used Firefox since it was called Phoenix and have never had a problem caused by a new update if I do an uninstall/reinstall of it.

On the other hand, I know people who have had problems from running just the 'upgrade'. Many of the problems cause by that were fixed simply by removing and reinstalling the newer FULL version.
"Experience is something you don't get until just after you need it"

Post Reply