Once more unto the breach, dear friends, once more.
Mozilla has plugged a few holes in Firefox 1.5.x for what
ostensibly may turn out to be the last time. The final release of Firefox
18.104.22.168 accompanies the release of Mozilla’s current standard bearer Firefox
22.214.171.124, both of which are being patched for at least five flaws.
Only one is critical. Mozilla Foundation Security Advisory 2007-12 details a flaw about a
memory crash that could potentially lead to arbitrary file execution.
There is also a fixed flaw for a potential cross-site scripting issue that
One particularly annoying bug related to Mozilla’s form auto-complete
function has also been repaired in the latest Firefox releases.
impact,” the flaw could have enabled a denial-of-service attack. Filling a text field with millions of characters and submitting the form will cause the victim’s browser to hang for up to several minutes while the form data is read, and this will happen the first time auto complete is triggered after every browser restart.
The Firefox 126.96.36.199 release is expected to be the last official Mozilla
release in the Firefox 1.5.x product line, which was first launched in November 2005. The release of Firefox 2.x in October superseded 1.5.x as Mozilla’s flagship browser line.
“Mozilla typically maintains support for previous releases for six months after a major release,” Mozilla developer Basil Hashem wrote in a mailing list posting. “Mozilla has previously extended the planned end of life for
the 1.5.0.x series in order to accommodate some recent changes in update
Mozilla will help its legacy users migrate to Firefox 2.x with an
automatic browser update notice at some point in the next several weeks,
prompting them to upgrade up to Firefox 188.8.131.52.