September 2005
Mozilla - Firefox 1.0.7 Released
ID: 00821
Ref: 765/05
Date: 21 September 2005:14:39:24
Version: 1
Title: Mozilla - Firefox 1.0.7 Released
Abstract: This version includes several security and stability fixes, including a fix for a reported buffer overflow vulnerability and a fix for a Linux shell command vulnerability.
Vendors affected: Mozilla
Operating systems affected: Mozilla
Applications affected: Mozilla
Title
=====
Mozilla - Firefox 1.0.7 Released
Detail
======
Mozilla have made Firefox 1.0.7 available for download. The following is an extract
from the Release Notes for this version:
" Firefox 1.0.7 is a security and stability release. We strongly recommend that all
users upgrade to this latest version.
This version includes several security and stability fixes, including a fix for a
reported buffer overflow vulnerability and a fix for a Linux shell command
vulnerability.
Specific changes in Firefox 1.0.7
* Fix for a potential buffer overflow vulnerability when loading a hostname with all soft-hyphens
* Fix to prevent URLs passed from external programs from being parsed by the shell (Linux only)
* Fix to prevent a crash when loading a Proxy Auto-Config (PAC) script that uses an "eval" statement
* Fix to restore InstallTrigger.getVersion() for Extension authors "
The full release notes, and links to downloads, can be found at the following URL:
http://www.mozilla.org/products/firefox/releases/1.0.7.html