Mozilla Firefox 1.5.0.2 is now available, fixing five bugs that
developers have tagged as “critical.”
Mozilla Foundation Security Advisory (MFSA) 2006-20 is a fix for crashes
that were caused by DHTML. According to the advisory, “some of
these crashes showed evidence of memory corruption that we presume could be
exploited to run arbitrary code with enough effort.”
MFSA 2006-22 is titled, “CSS Letter-Spacing Heap Overflow Vulnerability” and
could have potentially led to a condition whereby an attacker could run
arbitrary code.
MFSA 2006-24 also carries a “critical” rating and involves a privilege
escalation flaw in the crypto.generateCRMFRequest method.
Versions of Firefox prior to the new 1.5.0.2 release were also
potentially susceptible to a flaw which could have put them at risk simply
by doing a “Print Preview.” MFSA 2006-25, titled, “Privilege escalation
through Print Preview,” addresses this flaw.
MFSA 2006-28 fixes a flaw that allowed a JavaScript security check function
to be circumvented.
The new Firefox isn’t just a security update; it also provides universal
binary support for Apple Mac OS X on Intel Core processors.
A number of crash conditions are fixed, including the No. 2 most reported
crash in Firefox, Bugzilla Bug 317865. The bug is related to something called “last-ditch garbage
collection” (LDGC) on the JavaScript allocator.
A bug that caused Firefox to crash when loading Google’s Gmail in a
separate tab (number 48 on the top crash list for Firefox) is also repaired
in the new release.
Firefox stability is improved in the release thanks to a trio of memory
leak fixes. One of the fixed memory leak scenarios was triggered by simply
using the “Find” feature in the browser.
The 1.5.0.2 release is the second point upgrade for Firefox this year. 1.5.0.1 was
released in February. Firefox’s 2.0 release is currently in alpha.