MozillaZine

Mozilla Firefox 3.0.1 Released

Saturday July 19th, 2008

The first minor update to Mozilla Firefox 3 has been released. Firefox 3.0.1 fixes three critical security vulnerabilities, improves stability and resolves a handful of other small bugs.

The security fixes are detailed in the Firefox 3.0.1 section of the Security Advisories for Firefox 3.0 page. Two of the issues — one related to how Firefox handles command-line URLs to open multiple tabs and another allowing remote code execution by overflowing a CSS reference counter — were also present in Firefox 2 and fixed in Tuesday's Firefox 2.0.0.16 release. Security improvements in Firefox 3 mean that it's not vulnerable to some of the Firefox 2 variants of the command-line multiple tab exploit but it can still be compromised by combining the attack with a script injection flaw.

The final flaw only affects Mac OS X and allows an attacker to crash Firefox with a malformed GIF file, potentially gaining the ability to execute arbitrary code on the victim's computer. This vulnerability is not present in Firefox 2.

The non-security fixes include an issue where the phishing and malware database did not update on first launch and a problem that could cause Firefox to not save the security certificate exceptions list properly. A bug that could result in missing output when printing a selection from a page (bug 433373) was resolved and a Linux issue causing Firefox to always start in offline mode when using a PPP connection (bug 424626) was also fixed. The Public Suffix list has also been updated (bug 438585).

The Firefox 3.0.1 Release Notes have more details about the fixes in this minor upgrade. The new version can be downloaded from the Firefox product page or the Firefox 3.0.1 directory on releases.mozilla.org but most Firefox 3 users are expected to get it via the software update feature built in to the browser or their own operating system's update facility.


#5 No network access?

by skyemoor

Thursday August 28th, 2008 7:40 AM

You are replying to this message

Firefox recently automatically updated itself, and now it cannot access the Internet. Obviously, I have network access with Internet Exploiter, so why can't FF see the Internet?

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1