Firefox 2.0.0.4 has been released

Discussion of Firefox browser and its add-ons.
Locked
User avatar
The Masked Marauder
Emeritus Contributor
Emeritus Contributor
Posts: 131
Joined: Sat Apr 08, 2006 5:21 pm
Location: Raleigh, NC

Firefox 2.0.0.4 has been released

Post by The Masked Marauder »

Mozilla Firefox 2.0.0.4 is now available. Here are the download sites (it isn't on the web site yet, as of Wednesday, May 30 at 3:20 PM):

U.S. English, Windows version
http://www.mozilla.com/products/downloa ... lang=en-US

Other languages & operating systems
ftp://ftp.mozilla.org/pub/mozilla.org/f ... s/2.0.0.4/

Once you get into the directory, pick your operating system and then your language to get to the appropriate installer.

The release notes for 2.0.0.4 haven't been posted yet, either, so I don't know for sure what was fixed/enhanced/added. When I try to "sneak in through the back door" by modifying the current link with the new version number < http://www.mozilla.com/en-US/firefox/2. ... easenotes/ >, I get the notes for Release Candidate 3.

One note: Firefox 2.0.0.4 broke the Java console for Sun Java SE Runtime Environment 6 Update 1 (the latest release). This doesn't come as a surprise -- Firefox 2.0.0.3 broke the console for Sun Java SE Runtime Environment 6, too (which was probably the reason that Update 1 was released). I've never used the Java console, so I don't know if I'm missing anything. If Sun follows course, they'll release Update 2 in the next couple weeks to fix it.
"A doctor can bury his mistakes, but an architect can only advise his clients to plant vines."
- Frank Lloyd Wright
User avatar
The Masked Marauder
Emeritus Contributor
Emeritus Contributor
Posts: 131
Joined: Sat Apr 08, 2006 5:21 pm
Location: Raleigh, NC

Post by The Masked Marauder »

Here's the short list of the security issues that were fixed in Firefox 2.0.0.4:

MFSA 2007-17 (low) - XUL Popup Spoofing
MFSA 2007-16 (high) - XSS using addEventListener
MFSA 2007-14 (low) - Path Abuse in Cookies
MFSA 2007-13 (low) - Persistent Autocomplete Denial of Service
MFSA 2007-12 (critical) - Crashes with evidence of memory corruption (rv:1.8.0.12/1.8.1.4)


Impact key
* Critical: Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
* High: Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
* Moderate: Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
* Low: Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs.
User avatar
rick752
Honorary Member
Honorary Member
Posts: 4508
Joined: Fri Dec 30, 2005 1:02 am
Location: New York, USA

Post by rick752 »

Thanks MM.

Already been using the 2.0.0.4 RC release for a while because of some of the bugs that are now fixed in Firefox regarding Adblock Plus.

I am totally excited about users finally getting this release as it now adds new power to ABP. Wladimir himself actually fixed this in Firefox to make ABP (and other things) work correctly ... and Mozilla accepted & implemented Wladimir's fix in this release. You are the man, Wladimir :D

Now you can look for a new designation-type called "other" as a definition of a blockable-type in Adblock Plus's "blockable items" now. Firefox has now allowed ABP to block different 'parts' of a flash object like in Yahoo Maps to block the ads contained under the map without blocking the whole map. This was not possible before. Those ads should now disappear automatically with my EasyList as soon as you install the Firefox 2.0.0.4 update where it wouldn't block them before with Firefox 2.0.0.3.
Last edited by rick752 on Sat Jun 02, 2007 1:23 am, edited 1 time in total.
"Experience is something you don't get until just after you need it"
User avatar
The Masked Marauder
Emeritus Contributor
Emeritus Contributor
Posts: 131
Joined: Sat Apr 08, 2006 5:21 pm
Location: Raleigh, NC

Post by The Masked Marauder »

rick752 wrote:Firefox has now allowed ABP to block different 'parts' of a flash object like in Google Maps to block the ads contained under the map without blocking the whole map.
Sweet! I fired up Yahoo Maps and saw that the ad in the lower left corner is now gone. Great job, Wladimir! :D
"A doctor can bury his mistakes, but an architect can only advise his clients to plant vines."
- Frank Lloyd Wright
IceDogg
Contributor
Contributor
Posts: 580
Joined: Tue Mar 21, 2006 9:50 pm

Post by IceDogg »

Has the third party thing been added in to this build as well or is that going to only make it into 3.0?
User avatar
rick752
Honorary Member
Honorary Member
Posts: 4508
Joined: Fri Dec 30, 2005 1:02 am
Location: New York, USA

Post by rick752 »

IceDogg wrote:Has the third party thing been added in to this build as well or is that going to only make it into 3.0?
I don't know.
I played with $third-party in the filtering when I first installed the 2.0.0.4 nightly, but it didn't seem to work. But I did notice that "other" appeared as blockable objects and knocked out those Yahoo Maps ads..

I'm not sure whether Firefox isn't ready to do it, or ABP isn't updated yet to do it .. or both ... or neither. You'd have to ask Wladimir because I just don't know, Dogg.
Last edited by rick752 on Sat Jun 02, 2007 2:10 am, edited 1 time in total.
"Experience is something you don't get until just after you need it"
IceDogg
Contributor
Contributor
Posts: 580
Joined: Tue Mar 21, 2006 9:50 pm

Post by IceDogg »

Ok, thanks for the reply Rick. I may do that when I find the old thread about that. LOL
Locked