Mozilla Firefox 126.96.36.199 Released with Fix for firefoxurl:// Exploit
Wednesday July 18th, 2007
Mozilla Firefox 188.8.131.52 has been released and is currently being distributed to Firefox 2 users via the application's built-in software update system. The browser upgrade fixes several security bugs, which are detailed in the Firefox 184.108.40.206 section of the Mozilla Foundation Security Advisories page.
Firefox 220.127.116.11 includes a fix for the firefoxurl:// security exploit, which allows an attacker to use Microsoft Internet Explorer to trick Firefox into executing malicious code. Whether Firefox or IE is responsible for the flaw has been a matter of debate over the past week. The Mozilla Foundation security advisory about the firefoxurl:// issue maintains that it's a problem in IE and notes that other applications could be exploited in the same way. Others have argued that it's Firefox's responsibility to vet incoming data (something 18.104.22.168 now does).
Firefox 22.214.171.124 can be downloaded from the Firefox product page. The Firefox 126.96.36.199 Release Notes contain more general information about the upgrade. A similar update for Mozilla Thunderbird is expected shortly.
#8 Re: x86_64 Linux version ?
Thursday July 19th, 2007 10:40 AM
You are replying to this message
There is no official x86_64 version for Linux directly from Mozilla (never has been). You can build it yourself if you like, I believe there are instructions for this floating around the internet.
Typically, if you have an x86_64 Linux distro, an x86_64 version of Firefox is provided by the people behind it and updates are delivered through the distro's online package system. (This is how it is in Fedora anyway, which I use from time to time.)