Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

Flawed Release Forces Firefox Update

By Nate Mook, BetaNews

July 18, 2005, 1:38 PM

Just days after the release of Firefox 1.0.5, Mozilla engineers were busy working to complete version 1.0.6 after API changes were found to have broken third-party extensions. Localized versions of the browser were also put on hold due to the impending update, which angered translators.

Firefox and Mozilla's Thunderbird e-mail client will move to 1.0.6, and the Mozilla Suite will be updated to 1.7.10.

"There is a very real chance that some of the general security improvements may impact a number of extensions that worked with 1.0.4 and earlier, and we want to identify and address as many of these as possible before we release 1.0.6," developers wrote in a Web log posting.

Plans to quickly release 1.0.6 meant work on localized versions were halted, leaving some upset with the news.

"Tens of millions of users are still using 1.0.4 while critical security bugs are already published after [the] en-US 1.0.5 release. I want to say that this seems to be absolutely ignored by [the] Mozilla Foundation," wrote Polish translator Zbigniew Braniecki.

The Mozilla Foundation today issued candidate builds of version 1.0.6 in preparation for a final release.

"Mail handling extensions such as Enigmail for Thunderbird and the Mozilla Suite should also be tested heavily. Any other extensions should be tested normally to ensure that they continue to operate without issues," developers said.

Add a Comment (37 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By MJChappell

edited Jul 30, 2005 - 2:33 AM

I updated the browser, and then it said that all my extensions were disabled, how do I re enable them, or do I have to un install them all then re insatll them ? Email me w/ an answer pls

Score: 0

By farsun

edited Jul 22, 2005 - 9:09 AM

Very disappointed about new thunderbird release 1.0.6. Memory leaks, program hanging, slowing down even 3GHz+, 512 RAM PC :(

Score: 0

By amnon

posted Jul 19, 2005 - 8:40 PM

When will Netscape 8 be updated with this new code?

Score: 0

By amnon

edited Jul 19, 2005 - 8:41 PM

When will Netscape 8 be updated with this new code?

Score: 0

By yleclerc

posted Jul 19, 2005 - 10:59 AM

Why aren't people wising up? There does not seem to be any secure Windows software. Problems/flaws always come up.

Score: 0

By Metshrine

posted Jul 19, 2005 - 12:15 PM

You havent subscribed to a linux security mailing list have you, I get about 15-20 emails every day with flaws found in different packages for linux. Please get your facts straight

Score: 0

By yleclerc

posted Jul 19, 2005 - 12:33 PM

I was not commenting on Linux. I do not know of any software (Windows or others) that has ever been secure.

Score: 0

By Metshrine

edited Jul 19, 2005 - 2:37 PM

Collectorz.com products, Roboform, Ad Muncher, Filezilla, Media Player Classic to name a few. I've never seen a single flaw in PSPad editor that presented a security issue

Score: 0

By yleclerc

posted Jul 20, 2005 - 4:38 PM

PSPad does not normally have "direct" Internet access. It just allows us the change text in files. Just because you does not see a flaw yourself does not mean there isn't any! If a software does not contain a flaw, then why does most software get "incremental" revisions?

Score: 0

By Pipewrench

edited Jul 18, 2005 - 9:46 PM

Blah blah blah blah blah....

IE vs. Firefox.......blah blah blah.

Just use what you guys want and shut up.

You look like idiots.

Score: 0

By crashoverride

posted Jul 19, 2005 - 12:44 AM

My thoughts exactly. I don't see it as fault of mozilla myself. The people making the extensions should have to fix their extensions to work with changes in the browser. Then again if it went like that Mozila would really be like Microsoft. Mozilla really is better than MS in this respect. When MS puts out an update that breaks something you don't see them going back to fix it. Whoever makes the software that's broken by the MS update has to fix it themselves, even though it was MS that broke it.

Score: 0

By mjm01010101

posted Jul 19, 2005 - 5:06 AM

See Windows NT4 SP6a? You know why it's an "a"? Because they fixed an issue with Lotus Notes. Microsoft constantly works around other vendors skirting Windows Development practices. ANd without complaint. Don't expect future support, though, and why should they? progress moves on.

Score: 0

By bourgeoisdude

posted Jul 20, 2005 - 10:44 AM

Oh yeah--forgot about that...

Score: 0

By jackamus

posted Jul 18, 2005 - 8:39 PM

Some mistakes happen. I'll say that Firefox is a better browser for me. I enjoy using it far better than IE. In time Firefox will get better. All in good time.

Score: 0

By daa

posted Jul 18, 2005 - 8:18 PM

I guess it isn't so secure after all.... I think I'll stay with internet explorer.

Score: 0

By daa

posted Jul 20, 2005 - 10:01 AM

Well, I am just tired of hearing all the crap about how bad Microsoft is. Everyone was touting about how IE was a piece junk and that everyone should switch to Firefox. All I can say to firefox is.. Welcome to the big league! Let's see if their update/patch process is effective. I doubt that there will ever be a completely safe system, so let's stop griping about who's taking over the world (or not).

Score: 0

By spiffyjeff

posted Jul 19, 2005 - 3:19 AM

ok, but before i join you, what makes IE more secure? is it that they are quicker to fix holes? or do they just not have any? or are you just a strong MS lover that you are looking for any reason to call a good one for using MS?

Score: 0

By LowG

edited Aug 18, 2005 - 7:02 PM

IE isn't more or less secure, per se. Microsoft does, however do automatic updates without you even paying attention to it at least monthly, sometimes weekely. I'd say it's to Mozilla's credit that they're only on version 1.0.6! When did you last check the version number of IE? "6.0.2900.2180.xpsp_sp2_gdr.050301-1519"??? How many hundreds of revisions is that?

Score: 0

By PHaze1106

edited Jul 18, 2005 - 8:32 PM

What are the odds that you would actually have someone try to hack your system anyway?

Score: 0

By iamtux

posted Jul 18, 2005 - 7:17 PM

wow i've been using 1.0.5 since it came out... haven't noticed anything wrong with it. guess i'll wait for this new version to come out... hope they get it right the first time this time... they've had a great track record so far, t'would be a shame to scar it now.

Score: 0

By zridling

posted Jul 18, 2005 - 4:19 PM

1.05 was unusable. Hurry up!

Score: 0

By Maxwolf

posted Jul 18, 2005 - 4:10 PM

A hacked website and flawed code? Wow, they are human.

Score: 0

By notbeinguseful

edited Jul 18, 2005 - 7:16 PM

it wasn't their site, it was a promotional site

Score: 0

By school1012

posted Jul 18, 2005 - 5:30 PM

Just like Microsoft

Score: 0

By Vacendak1

edited Jul 18, 2005 - 10:04 PM

Not like Microsoft. Look at the timeframe it takes to update. This update is not even a security update. This is an update to fix the ability for firefox to work with "programs" written but other people. This link is a microsoft flaw that hasn't even been fixed even though they have know about it for a much longer timeframe and is a MUCH bigger deal
http://www.betanews.com/...ical_XP_Flaw/1121709676

Score: 0

By bourgeoisdude

posted Jul 19, 2005 - 12:52 PM

Well, let's at least be fair, you're comparing a web browser to an Operating System here...

Score: 0

By iamtux

posted Jul 18, 2005 - 7:16 PM

That's an insult to Mozilla :p

Score: 0

By Maxwolf

posted Jul 19, 2005 - 11:26 AM

Amen. Browser wars here remind me back in the days of BBS babble involved the AppleII and the C64. Personally I liked the C64 because they had auto-config software for a ROM writer I really liked. Plus the AppleII needed the almighty CAPS LOCK upgrade.

Score: 0

By Kramy

edited Jul 18, 2005 - 3:45 PM

Ahh...no system restore point? =(

That sucks twosheds, but I'd bet it's the extension's fault.

Score: 0

By twosheds

posted Jul 18, 2005 - 3:18 PM

Just spent a miserable weekend reinstalling my XP system after Firefox 1.0.5 went into an unstoppable and disastrous loop when trying to install a new extension. It's the worst software-induced damage I've suffered in years. Going to be reeeeeeal slow in updating to the latest versions from now on, amd if that means my version of Firefox is blocked from the extensions site, thanks, I'll wait anyway.....

Score: 0

By glib

posted Jul 19, 2005 - 1:38 PM

out of interest, what was the extension?

Score: 0

By Maajid

posted Jul 18, 2005 - 3:01 PM

"2. Everything has problems: FF will never be perfect, nor MS, or Opera or whatever I missed."

No offence but I am just sick and tired of hearing that one. I just wish everyone, by now, would be smart enough to pick that one up by themselves rather than saying, 'Microsoft sucks' etc.

Score: 0

By school1012

posted Jul 18, 2005 - 5:32 PM

Totally agree.

Score: 0

By bourgeoisdude

posted Jul 18, 2005 - 2:29 PM

FF is patching systems almost as much as MS now, meaning:

1. They are big enough to be targeted specifically by hackers;

2. Everything has problems: FF will never be perfect, nor MS, or Opera or whatever I missed.

3. Your thoughts towards Microsoft may be negative as far as security, but let it be known that the fact that someone releases alot of critical updates does not in and of itself make them a bad product (in fact I argue that more updates = more security generally speaking).

Score: 0

By sophist_dreams

edited Jul 18, 2005 - 3:39 PM

1. Mozilla corrects their flaws as soon as practicable when/after they are discovered, Microspud waits at least a month.

2. This issue was discussed on the MozillaZine website on Saturday, 16 July and the Release Candidate for FF 1.0.6 was issued on that same day, the release Candidate for TB 1.0.6 was issued Sun the 17th (again Betanews seems to be a day late and a dollar short).

Quotes From The MozillaZine web site:

"In comment 45 of bug 300028, Rafael Ebron said yesterday, "We received feedback on 1.0.5 from distributors and extension developers on API changes that affected them (not a security issue), so we're looking at a 1.0.6 to fix it." It is known that the Enigmail PGP extension for Thunderbird does not work in version 1.0.5."

"At the moment, the 1.0.5 releases of Firefox and Thunderbird are only available in American English (en-US). No localised builds have been placed online for download and localisation teams have been asked not do any further work on the 1.0.5 releases. It appears that these localised editions of 1.0.5 will be skipped altogether, with the next localised release being 1.0.6".

End Quote

Since the Release Candidates of both TB and FF 1.0.6 are already out one can assume that the localised versions wont be far behind.

Despite Nate Mook's sensationalist headline neither 1.0.5 version of TB and FF were a "flawed release" in the sense of some major security or non operational issue, it appears that two or three extensions were broken by the API changes. None of the 12 extensions I use in FF or the 10 extensions I use in TB were affected by the way, but I updated to 1.0.6 yesterday just to be sure.

Score: 0

By JEdwardP

posted Jul 18, 2005 - 4:21 PM

I've been using 1.05 since the day it was released, and NONE of the extensions I use were adversely affected by it. In fact, for whatever reason, two of my extensions are working significantly better in 1.05 than they had in 1.03 and 1.04, so I won't bother to install the 1.06RC.

I will, however, install the 1.06 final, just as I would any new release version.

Score: 0

By whitedragon

posted Jul 18, 2005 - 4:57 PM

Exactly the same for me. No problems with 1.05 whatsoever. But I will go to 1.06 when it's final.

Score: 0

Nov 21 - 6:51 PM ET Coalition urges better laws for e-mail and cell phone privacy

Nov 21 - 6:42 PM ET How is Internet advertising faring in this bad economy?

Nov 21 - 6:15 PM ET From out of the Amazon Cloud, an AWS winner emerges

Nov 21 - 5:20 PM ET Mufin music finder enters public beta, adds widgets

Nov 21 - 5:01 PM ET Google launches its SearchWiki semantics plug-in

Nov 21 - 4:57 PM ET Asus previews a slimmer, less costly Eee PC

Nov 21 - 4:32 PM ET New Adobe Media Player ushers in AIR 1.5

Nov 21 - 2:11 PM ET AT&T to add Pantech's low-cost C630 phone to 3G lineup

Nov 21 - 1:11 PM ET iPhone gets firmware 2.2 update

Nov 21 - 11:51 AM ET The Dell surprise: Higher earnings on lower revenue