1.0.5

[Vallejo]

The productversion of release 1.0.5 is 1.7.9: 2005071118
So the same version of the zip-install should be expected in ftp://ftp.mozilla.org/pub/mozilla.org/f ... .win32.zip

Thank you very much, JanT, for the information, and thanks, Zachariah, for help on finding the version number This is exactly what I needed to know.

[Amsterdammer]

Waiting on local 1.0.5 versions since 3 days!

Why does mozilla make vulnerabilities public with the release of FF 1.0.5 en-US without releasing local versions ?

this is against the security policy of mozilla foundation, see http://www.mozilla.org/projects/securit ... olicy.html

Tens of milions of users (using mozilla autoupdate) are still using 1.0.4,
while critical security bugs are already published after en-US 1.0.5 release.

[Amsterdammer]

No comments?

Waiting on local 1.0.5 versions since 4 days!
http://www.mozilla.org/products/firefox/all.html

What's wrong with all these (more than 30) local versions signed "ready for staging" by local owners in bugzilla 1.0.5 shipping mail to Mozilla QA ?



I repeat: ten of million of users outside the USA are waiting on Mozilla autoupdate, while critical security bugs are already published and signed as "fixed in 1.0.5".

[krmathis]

Amsterdammer. Perhaps they realized they made a big mistake when they broke the API in 1.0.5 and wait for 1.0.6 to release localized builds?

When we realized we broke this API, we sat down, developed a plan to address it ASAP and are spinning up new builds as we speak.

http://weblogs.mozillazine.org/asa/archives/008524.html

[greenknight]

Afaik, none of these vulnerabilities has actually been exploited in the wild, so I wouldn't worry. I plan on waiting at least several days before installing the update, 'til the traffic dies down and any bugs have revealed themselves.