Mozilla Firefox 1.0.7 is loose. Go get it.

Word comes from the folks at MozillaZine that FireFox 1.0.7 has been released:

Fixes are included for the international domain name (IDN) link buffer overflow vulnerability and the Linux command line URL parsing flaw. There are also other security and stability changes, including a fix for a crash experienced when using certain Proxy Auto-Config scripts. In addition, some regressions introduced by previous 1.0.x security updates have been resolved.

The Mozilla Foundation previously issued a patch for Firefox 1.0.6 that protected users against the IDN link buffer overflow flaw at the expense of removing support for IDNs. Firefox 1.0.7 has a more permanent solution that does not involve disabling IDN functionality and any users who installed the patch will find that IDN support is restored when they upgrade.

An update for Mozilla fixing many of the same issues should be along soon.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.