[Branch] Firefox 2.0.0.5 fixlist (NOW RELEASED)

Discussion about official Mozilla Firefox builds
chob
Posts: 4283
Joined: May 17th, 2003, 12:05 pm
Location: London, UK

[Branch] Firefox 2.0.0.5 fixlist (NOW RELEASED)

Post by chob »

IRC channels: #firefox || #qa || #bugs
Hourly Branch builds: PROMETHEUS-VM (Lin) || BM-XSERVE02 (Mac) || PACIFICA-VM (Win) || Branch Tinderbox || Bonsai

Firefox 2.0.0.5 is now released! (2007-07-18)
Release Notes | Fixed Security Issues | Download Webpage | FTP
Bugs fixed for Firefox 2.0.0.5: ~99 in total; ~15 crashers, ~10 regressions, ~2 privacy-related bugs and ~12 where no information is available.

General Landings
  1. #140218 [Core:XP Toolkit/Widgets: Trees]-Crash dereferencing box the QI result of a null mTreeBoxObject [@nsTreeBodyFrame::SetView] [@ nsTreeBodyFrame::GetMinSize] [All]
  2. #312473 [Core:Installer: XPInstall Engine]-Extension update does not try authentication if needed (e.g. proxy auth at startup) [Win]
  3. #319934 [Core:XML]-Crash on quit just as an nsXMLHttpRequest is fired [@ nsContentUtils::GetDocShellFromCaller] [Mac]
  4. #320646 [Core:Build Config]-Cross compiling (targeting) mingw32 on linux [Lin]
  5. #323455 [Toolkit:XRE Startup]-Chrome override URIs not resolved [Lin]
  6. #326777 [Core:XPCOM]-Make sure that we push a null JSContext on the current thread's XPConnect stack before processing events. [All]
  7. #344228 [Core:XP Toolkit/Widgets: Trees]-Crash [@ nsTreeBodyFrame::VisibilityChanged] [@ nsGfxScrollFrameInner::SetScrollbarVisibility] [Mac]
  8. #355043 [Core:SVG]-Cairo on OS/2 should be initialized before using it [OS/]
  9. #358983 [Firefox:Password Manager]-Calling the password manager too early will make it never load or save passwords. [Lin]
  10. #370127 [Core:XPConnect]-Connect use a better parent for function creation. [All]
  11. #374102 [Core:Views]-Be more careful when detaching an old window [All]
  12. #374810 [Core:ImageLib]-Images crash-fix from libpng 1.2.17 [All]
  13. #375093 [Core:Event Handling]-Crash [@ nsTypedSelection::ScrollIntoView] when right-clicking paste in input which then gets destroyed oninput [Win]
  14. #375102 [Core:RDF]-Fix RDFXMLDataSourceImpl::rdfXMLFlush() to use safe output streams like nsBookmarksService::WriteBookmarks() to avoid writing a partial localstore.rdf to disk [All]
  15. #376573 [Core:ImageLib]-Large image crash [All]
  16. #377088 [Firefox:Software Update]-Add additional http header, or append to query string, so that AUS can differentiate between background updates and "Check For Updates" [All]
  17. #379241 [Firefox:Build Config]-Version/config bumps for Fx 2004 [All]
  18. #379314 [Core:ImageLib]-Clarify patch for bug 376328 [All]
  19. #379550 [Core:XPCOM]-Proposing threading safety patch for stable branch(es) [All]
  20. #380017 [Core:General]-MPL compliance: *ongoing* Intial Developers credits [All]
  21. #380398 [Toolkit:XRE Startup]-Appversion manifest flag is broken in certain situations [All]
  22. #380589 [Firefox:Session Restore]-Clear Private Data might miss some SessionStore data [All]
  23. #380842 [Core:Style System (CSS)]-[regression] table-cell :before/:after pseudo-element set to display:block show as display:inline [All]
  24. #380895 [Firefox:Build Config]-Clean up missing or unnecessary files in packages-static [Win]
  25. #380904 [Mozilla Localizations:ka-GE / Georgian]-Don't ship Georgian on the Mac [Mac]
  26. #380912 [Firefox:Phishing Protection]-"Get me out of here" link doesn't handle pipe-delimited home page [All]
  27. #381264 [Core]-Add support for IIS track [All]
  28. #382015 [Core:SVG]-Handle old/new API behavior of cairo_{fill,stroke}_extent on branch [Lin]
  29. #382744 [Core:XPConnect]-Backwards assertion checks in XPCNativeScriptableInfo::Construct [All]
  30. #382754 [Core:Events]-Don't fire mutation events when aNotify is false. [All]
  31. #383065 [Core:Widget: BeOS]-Back-port several nsWindow fixes to branch [BeO]
  32. #383424 [Core]-Make the context pusher use the owner document rather than the current document. [All]
  33. #384925 [Core:Plugins]-PFS doesn't allow for secure XPI downloads [All]
  34. #386561 [Core:Editor]-Page not painting properly [Lin]
  35. #386607 [Core:XP Toolkit/Widgets: Trees]-Fix Mac 1.8 branch regression from bug 344228 [All]
  36. #387979 [Core:DOM]-Can't access about:blank iframe after reload [Win]

Installer Landings
  1. #309496 [Firefox:Installer]-Firefox 1.0.7 clean install installs nsIQTScriptablePlugin.xpt to plugins folder [Win]
  2. #361402 [Firefox:Installer]-Installer does not automatically find path to existing installation when going from 1.5.0.x to 2.0.0.x [Win]
  3. #369221 [Firefox:Installer]-Fails to install with xpicleanup error message [Win]
  4. #384350 [Firefox:Installer]-Don't remove HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE key during reinstall / update [Win]
  5. #387373 [Firefox:Installer]-nsIQTScriptablePlugin.xpt isn't added to the uninstall log [Win]

Networking Landings
  1. #178993 [Core:Networking: Cookies]-MSIE-extension: HttpOnly cookie attribute for cross-site scripting vulnerability prevention [All]
  2. #368317 [Core:Networking: File]-temp files remain if MoveToNative fails in nsSafeFileOutputStream::Finish() [All]
  3. #378629 [Core:Networking]-SSL file uploads settle into oscillating pattern with very small packets [All]
  4. #383181 [Core:Networking: Cookies]-Prevent creating/overwriting HttpOnly cookies from web content [All]
  5. #387543 [Core:Networking: Cookies]-Web content can set httponly cookie by overwriting a non-httponly one [All]

Layout Landings
  1. #311659 [Core:Layout]-Crash [@ nsSplitterFrameInner::SetPreferredSize] with this testcase when resizing using xul:splitter [All]
  2. #344300 [Core:Layout]-Crash [@ nsFrameItems::AddChild ] on 1.8.0.5 and 1.8.1 branch [All]
  3. #368863 [Core:Layout]-Reparent floats when their placeholders are pulled through inlines. [All]
  4. #374102 [Core:Layout]-Don't create a widget if the view already has one and check error return code from CreateViewForFrame() [All]
  5. #378682 [Core:Layout]-Crash [@ nsPresContext::GetContainerInternal] [All]
  6. #382600 [Core:Layout: Form Controls]-[FIX]When an empty select box is disabled an XX is added to it (1.8 branch only) [All]
  7. #384344 [Core:Layout]-Disable floats within XUL [All]
  8. #385584 [Core:Layout: Canvas]-Crash [@ gfxPattern::gfxPattern] with toDataURL on large canvas [All]
  9. #385880 [Core:Layout: Tables]-[FIX]"ASSERTION: Non-row-group primary frame list child of an nsTableFrame?" with <xul> [Mac]

Security Landings
  1. #371858 [Core:Security]-[FIX]Pushing null JSContext on the stack doesn't prevent bogus subject principals [All]
  2. #379190 [Core:Security: PSM]-Crashes when loading chrome urls [Win]
  3. #380558 [Core:Security: PSM]-Some event waiting in PSM make the CPU wake from idle with no reason [Lin]
  4. #383478 [Core:Security]-File type confusion vulnerability due to null bytes in URL (encoded as %00) [Win]
  5. #385198 [Core:Security: PSM]-Upgrade NSS on Moz 1.8 branch to pick up new root CA certs [All]
  6. #387333 [Core:Security]-[FIX]unauthorized access to wyciwyg:// documents possible [All]

Disability Access Landings
  1. #376924 [Core:Disability Access APIs]-Don't cache frame pointers on accessibility nodes. [All]
  2. #380975 [Core:Disability Access APIs]-Branch null-ptr crashes in nsAccessibleHyperText (Linux only) [@ nsAccessibleHyperText::GetCaretOffset] [Lin]
  3. #381114 [Core:Disability Access APIs]-Crash [@ msaa/nsAccessibleWrap::NativeAccessible ] [Win]
  4. #383406 [Core:Disability Access APIs]-Firefox crashed when add bookmark with Orca running [@nsXULSelectableAccessible::RefSelection] [Ope]
  5. #386382 [Core:Disability Access APIs]-Shutdown the text/button/list child accessibles when the combobox is Shutdown. Initialize the sibling pointers correctly when creating said child accessibles [All]

DOM Landings
  1. #359821 [Core:DOM]-Firefox just crashes after about 10 minutes of use [@ nsHTMLDocument::GetElementById] [Win]
  2. #366417 [Core:DOM]-Adding <html> to XUL document no longer executes the script [Mac]
  3. #375399 [Core:DOM]-Make sure that the style context doesn't live too long. [All]
  4. #380383 [Core:DOM: Level 0]-[FIX]about:blank encoding is not consistent [All]
  5. #380476 [Core:DOM]-Don't fire timeouts in dead windows. [All]
  6. #381300 [Core:DOM]-Frame spoofing is possible within a short time frame while the window is loading. [All]

GFX Landings
  1. #351943 [Core:GFX: OS/2]-Browser crashes when trying to allocate large image [OS/]
  2. #362360 [Core:GFX: OS/2]-SVGs don't display with Matrox driver on OS/2 [OS/]
  3. #363592 [Core:GFX: Win32]-GCC build errors in nsImageWin.h and nsImageWin.cpp [Win]
  4. #365923 [Core:GFX]-Wallpaper GTK1 crash [@ SetFontCharsetInfo]. [All]
  5. #380100 [Core:GFX:Thebes]-Fix null-ptr dereference on OOM & Set pen->num_vertices to zero on error. [All]
  6. #380491 [Core:GFX: Win32]-Fx randomly fails to display non-BMP ideographs [Win]

Javascript Engine Landings
  1. #352882 [Core:JavaScript Engine]-Don't allow untrusted objects to QI to nsISecurityCheckedComponent [All]
  2. #358594 [Core:JavaScript Engine]-"Assertion failure: vlength > n" calling uneval(this) [All]
  3. #375976 [Core:JavaScript Engine]-Always use vp to root rtmp [All]
  4. #377090 [Core:JavaScript Engine]-Introduce API to null out and restore cx->fp on a JSContext [Mac]
  5. #379245 [Core:JavaScript Engine]-Fixing register restoration. [All]
  6. #380998 [Core:JavaScript Engine]-StackGrowthDirection is not reliable with Sun Studio 11 [Ope]
  7. #381374 [Core:JavaScript Engine]-Protect sprop across a potential GC [All]
  8. #382253 [Core:JavaScript Engine]-Proper error recovery for inline calls. [All]
  9. #382532 [Core:JavaScript Engine]-instanceof, etc. broken by use of |prototype| in heavyweight constructor [All]
Please beat up on these builds and report any new strangeness or regressions!
Last edited by chob on July 18th, 2007, 4:04 am, edited 6 times in total.
Old w3stfa11
Posts: 0
Joined: December 31st, 1969, 5:00 pm

Post by Old w3stfa11 »

Don't you mean 19th July 2007? ;)
The Ex Omega
Posts: 0
Joined: December 31st, 1969, 5:00 pm

Post by The Ex Omega »

Edit: Disregard.
Last edited by The Ex Omega on July 13th, 2007, 3:22 pm, edited 1 time in total.
chob
Posts: 4283
Joined: May 17th, 2003, 12:05 pm
Location: London, UK

Post by chob »

w3stfa11 wrote:Don't you mean 19th July 2007? ;)

Of course that's what I meant ;) I was just, er, testing everyone to spot the mistake.
User avatar
a;skdjfajf;ak
Posts: 17002
Joined: July 10th, 2004, 8:44 am

Post by a;skdjfajf;ak »

That's pretty much 'old' news it appears, and anyone running recent releases of java should be OK I'm guessing.

http://scary.beasts.org/security/CESA-2006-004.html
The Ex Omega
Posts: 0
Joined: December 31st, 1969, 5:00 pm

Post by The Ex Omega »

Dammit, I see now. Thanks.
petersaints
Posts: 110
Joined: July 14th, 2007, 11:29 am
Location: Portugal

Post by petersaints »

There's no Win32 other than en-US candidates =S

http://ftp.mozilla.org/pub/mozilla.org/ ... dates/rc2/

Not even on unsigned (there's just en-US there) =S
The Ex Omega
Posts: 0
Joined: December 31st, 1969, 5:00 pm

Post by The Ex Omega »

petersaints wrote:There's no Win32 other than en-US candidates =S

http://ftp.mozilla.org/pub/mozilla.org/ ... dates/rc2/

Not even on unsigned (there's just en-US there) =S


Have you clicked on that link lately?
-fullmetaljacket-
Posts: 308
Joined: September 21st, 2006, 8:30 pm
Location: Pilipinas

Post by -fullmetaljacket- »

does this latest rc contains the fix for the FirefoxURL bug?
User avatar
a;skdjfajf;ak
Posts: 17002
Joined: July 10th, 2004, 8:44 am

Post by a;skdjfajf;ak »

security green #6 https://bugzilla.mozilla.org/show_bug.cgi?id=387333 , shows check in and verified 7/10/07, so I'd say yes... the fix is in.
-fullmetaljacket-
Posts: 308
Joined: September 21st, 2006, 8:30 pm
Location: Pilipinas

Post by -fullmetaljacket- »

Littlemutt wrote:security green #6 https://bugzilla.mozilla.org/show_bug.cgi?id=387333 , shows check in and verified 7/10/07, so I'd say yes... the fix is in.


is that it? i was talking about this: http://secunia.com/cve_reference/CVE-2007-3670/
The Ex Omega
Posts: 0
Joined: December 31st, 1969, 5:00 pm

Post by The Ex Omega »

Is the final build number the same as the RC2 builds?
Warduke
Posts: 630
Joined: November 4th, 2002, 7:49 pm

Post by Warduke »

Omega X wrote:Is the final build number the same as the RC2 builds?


Yes.
Firefox : One Browser to Rule Them All.
User avatar
polidobj
Posts: 3147
Joined: March 31st, 2004, 9:10 am
Location: Maryland USA - im in ur tinderbox, crashtesting ur firefox

Post by polidobj »

-fullmetaljacket- wrote:
Littlemutt wrote:security green #6 https://bugzilla.mozilla.org/show_bug.cgi?id=387333 , shows check in and verified 7/10/07, so I'd say yes... the fix is in.


is that it? i was talking about this: http://secunia.com/cve_reference/CVE-2007-3670/
That doesn't look like the right bug. I don't know what the bug is. But it is fixed.
Brian J Polidoro - Today's bugs brought to you by Raid. :P
Windows7 - Firefox user since ~Feb 2002
itanshi
Posts: 28
Joined: January 4th, 2007, 9:08 am

Post by itanshi »

I'd like to point out that something changed here, perhaps in the API broke (not disabled) at least one extension as documented here: http://community.livejournal.com/ljlogin/2516.html

I'm wondering if any others may have been affected and what can be done about it.
Post Reply