Netscape 6.2.3 ReleasedWednesday May 15th, 2002Netscape today released a new version of its Mozilla-based browser. Netscape 6.2.3 is a minor update that fixes the recently discovered XMLHttpRequest security vulnerability. Like the other Netscape 6.2 releases, this latest version is based on the Mozilla 0.9.4 branch. You can download the release from Netscape's web site or FTP server. Since this was a big security fix, why didn't Netscape just update the branch to anywere between 0.9.5-0.9.9 and make it a 6.3? "Since this was a big security fix, why didn't Netscape just update the branch to anywere between 0.9.5-0.9.9 and make it a 6.3?" This was an unplanned release. Netscape's next planned release was (and still is) MachV. They only released 6.2.3 because of the security hole. Adding in additional features and enhancements would have required extra testing and would have delayed the release. Alex - suprised it's still based on the .9.4 branch........ That way they can tout new features and speed improvements in the upcomming 1.0 based release. And NS release an 8Mb security patch. From bug http://bugzilla.mozilla.org/show_bug.cgi?id=144227: From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0rc2) Gecko/20020506 Netscape/7.0b1 BuildID: 2002050606 I do not think anybody gets excited about Netscape upgrades anymore. All of my attempts to get friends to use Mozilla failed due to crashing or its appearance. I think I finally have a chance to get one person to use it because he has two new favorite sites whose big annoyances are popup ads. I am very concerned about these release candidates because they have numbers. That creates the possibility that the Mozilla project will reach RC50 and still be incomplete. I think it was bad to change the name to "release candidate" in order to gain temporary publicity. That will lessen the appeal of an actual release candidate. Umm... they're called "release candidates" because they are, in fact, release candidates. They have numbers so you can tell them apart, as you don't know in advance which one you are going to release (if you did, there'd be no point in having release candidates at all!). In principle, the final release should be identical in all but version number to the final release candidate. I don't know if mozilla.org are going to do it that way in practice. The temptation to fix "one last bug" may be too strong. Personally, I'd be happy to see a couple more release candidates, but at some point they have to call it a day. There's always 1.0.1, anyway. Maybe they shouldn't be adding features anymore, though. Like http pipelining (which is great, but gave me problems) and mail-cookies. I have not noticed new features being checked in to the 1.0 branch. The two items that you mention are not new features. HTTP pipelining support was added to Mozilla over a year ago (see http://bugzilla.mozilla.org/show_bug.cgi?id=2487). There have been some recent bug fixes related to pipelining, but pipelining is not new. "Mail-cookies" is not a feature; I believe what you are referrin to is a security fix. RC1 was definitely not a release candidate, in other words, there was no possibility that the final release version would be identical to RC1, so RC1 was not a candidate for being the final release. This information was clearly available (on this site when RC1 was first posted) and I don't know why you're confused about it. They may turn into release candidates (I think everyone knew that some fixes would be needed after RC2 as well, but maybe 3 will be a genuine RC), I don't know what the thinking is on that. (Of course the complaint about 'release candidates' being numbered is pretty silly... and it's clearly *not* going to drag on forever, I agree on that part.) --sam (noticing that this text box appears to be screwed [I'm using RC2].... very strange, haven't seen textarea problems for a while....) << due to crashing >> Well that's not surprising with pre-release software. RC2 now crashes and locks up less often than IE for me. << or its appearance >> Can you elaborate? What is it about Mozilla's appearance that made your friends not want to use it? 1.0 is planned after RC2 and should be released by the end of theis month. Besides the 1.0 Party is in the beginning of June and Mozilla can't miss its own party can it :) I'm posting here because the topic is related to security. Go there http://www.interneteraser.com/error.html With IE5/6 for Windows, it uses an iframe from where you browse the contents of your root directory. With Mozilla, the iframe is empty. Is it possible to send this information to the other side or it is just a silly trick for scaring IE users ? (the site promotes an internet security application). The iframe is just point to file://c:/ which in IE will list your folders/files but it basically harmless, this is just a scam and I would avoid their software, which is probably just advert junk. Thank you for the respose. I was aware of the "file:" trick but I was wondering if there is a way for a site (using js, not a simple iframe) to get the result of the directory listing. You can't script between frames (or iframes) that are from different domains or that use different protocols (http://, https:// and file:// at least -- dunno about ftp://, gopher://, etc.). |