Hourly Branch builds: PROMETHEUS-VM (Lin) || BM-XSERVE02 (Mac) || PACIFICA-VM (Win) || Branch Tinderbox || Bonsai
Firefox 2.0.0.5 is now released! (2007-07-18)
Release Notes | Fixed Security Issues | Download Webpage | FTP
- Adobe Flash Player v9.0.47.0 has been released, which may fix some crashes.
- Java(TM) SE Runtime Environment 6 Update 2 has been released, which may fix some crashes.
General Landings
- #140218 [Core:XP Toolkit/Widgets: Trees]-Crash dereferencing box the QI result of a null mTreeBoxObject [@nsTreeBodyFrame::SetView] [@ nsTreeBodyFrame::GetMinSize] [All]
- #312473 [Core:Installer: XPInstall Engine]-Extension update does not try authentication if needed (e.g. proxy auth at startup) [Win]
- #319934 [Core:XML]-Crash on quit just as an nsXMLHttpRequest is fired [@ nsContentUtils::GetDocShellFromCaller] [Mac]
- #320646 [Core:Build Config]-Cross compiling (targeting) mingw32 on linux [Lin]
- #323455 [Toolkit:XRE Startup]-Chrome override URIs not resolved [Lin]
- #326777 [Core:XPCOM]-Make sure that we push a null JSContext on the current thread's XPConnect stack before processing events. [All]
- #344228 [Core:XP Toolkit/Widgets: Trees]-Crash [@ nsTreeBodyFrame::VisibilityChanged] [@ nsGfxScrollFrameInner::SetScrollbarVisibility] [Mac]
- #355043 [Core:SVG]-Cairo on OS/2 should be initialized before using it [OS/]
- #358983 [Firefox:Password Manager]-Calling the password manager too early will make it never load or save passwords. [Lin]
- #370127 [Core:XPConnect]-Connect use a better parent for function creation. [All]
Installer Landings
- #309496 [Firefox:Installer]-Firefox 1.0.7 clean install installs nsIQTScriptablePlugin.xpt to plugins folder [Win]
- #361402 [Firefox:Installer]-Installer does not automatically find path to existing installation when going from 1.5.0.x to 2.0.0.x [Win]
- #369221 [Firefox:Installer]-Fails to install with xpicleanup error message [Win]
- #384350 [Firefox:Installer]-Don't remove HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE key during reinstall / update [Win]
- #387373 [Firefox:Installer]-nsIQTScriptablePlugin.xpt isn't added to the uninstall log [Win]
Networking Landings
- #178993 [Core:Networking: Cookies]-MSIE-extension: HttpOnly cookie attribute for cross-site scripting vulnerability prevention [All]
- #368317 [Core:Networking: File]-temp files remain if MoveToNative fails in nsSafeFileOutputStream::Finish() [All]
- #378629 [Core:Networking]-SSL file uploads settle into oscillating pattern with very small packets [All]
- #383181 [Core:Networking: Cookies]-Prevent creating/overwriting HttpOnly cookies from web content [All]
- #387543 [Core:Networking: Cookies]-Web content can set httponly cookie by overwriting a non-httponly one [All]
Layout Landings
- #311659 [Core:Layout]-Crash [@ nsSplitterFrameInner::SetPreferredSize] with this testcase when resizing using xul:splitter [All]
- #344300 [Core:Layout]-Crash [@ nsFrameItems::AddChild ] on 1.8.0.5 and 1.8.1 branch [All]
- #368863 [Core:Layout]-Reparent floats when their placeholders are pulled through inlines. [All]
- #374102 [Core:Layout]-Don't create a widget if the view already has one and check error return code from CreateViewForFrame() [All]
- #378682 [Core:Layout]-Crash [@ nsPresContext::GetContainerInternal] [All]
- #382600 [Core:Layout: Form Controls]-[FIX]When an empty select box is disabled an XX is added to it (1.8 branch only) [All]
- #384344 [Core:Layout]-Disable floats within XUL [All]
- #385584 [Core:Layout: Canvas]-Crash [@ gfxPattern::gfxPattern] with toDataURL on large canvas [All]
- #385880 [Core:Layout: Tables]-[FIX]"ASSERTION: Non-row-group primary frame list child of an nsTableFrame?" with <xul> [Mac]
Security Landings
- #371858 [Core:Security]-[FIX]Pushing null JSContext on the stack doesn't prevent bogus subject principals [All]
- #379190 [Core:Security: PSM]-Crashes when loading chrome urls [Win]
- #380558 [Core:Security: PSM]-Some event waiting in PSM make the CPU wake from idle with no reason [Lin]
- #383478 [Core:Security]-File type confusion vulnerability due to null bytes in URL (encoded as %00) [Win]
- #385198 [Core:Security: PSM]-Upgrade NSS on Moz 1.8 branch to pick up new root CA certs [All]
- #387333 [Core:Security]-[FIX]unauthorized access to wyciwyg:// documents possible [All]
Disability Access Landings
- #376924 [Core:Disability Access APIs]-Don't cache frame pointers on accessibility nodes. [All]
- #380975 [Core:Disability Access APIs]-Branch null-ptr crashes in nsAccessibleHyperText (Linux only) [@ nsAccessibleHyperText::GetCaretOffset] [Lin]
- #381114 [Core:Disability Access APIs]-Crash [@ msaa/nsAccessibleWrap::NativeAccessible ] [Win]
- #383406 [Core:Disability Access APIs]-Firefox crashed when add bookmark with Orca running [@nsXULSelectableAccessible::RefSelection] [Ope]
- #386382 [Core:Disability Access APIs]-Shutdown the text/button/list child accessibles when the combobox is Shutdown. Initialize the sibling pointers correctly when creating said child accessibles [All]
DOM Landings
- #359821 [Core:DOM]-Firefox just crashes after about 10 minutes of use [@ nsHTMLDocument::GetElementById] [Win]
- #366417 [Core:DOM]-Adding <html> to XUL document no longer executes the script [Mac]
- #375399 [Core:DOM]-Make sure that the style context doesn't live too long. [All]
- #380383 [Core:DOM: Level 0]-[FIX]about:blank encoding is not consistent [All]
- #380476 [Core:DOM]-Don't fire timeouts in dead windows. [All]
- #381300 [Core:DOM]-Frame spoofing is possible within a short time frame while the window is loading. [All]
GFX Landings
- #351943 [Core:GFX: OS/2]-Browser crashes when trying to allocate large image [OS/]
- #362360 [Core:GFX: OS/2]-SVGs don't display with Matrox driver on OS/2 [OS/]
- #363592 [Core:GFX: Win32]-GCC build errors in nsImageWin.h and nsImageWin.cpp [Win]
- #365923 [Core:GFX]-Wallpaper GTK1 crash [@ SetFontCharsetInfo]. [All]
- #380100 [Core:GFX:Thebes]-Fix null-ptr dereference on OOM & Set pen->num_vertices to zero on error. [All]
- #380491 [Core:GFX: Win32]-Fx randomly fails to display non-BMP ideographs [Win]
Javascript Engine Landings
- #352882 [Core:JavaScript Engine]-Don't allow untrusted objects to QI to nsISecurityCheckedComponent [All]
- #358594 [Core:JavaScript Engine]-"Assertion failure: vlength > n" calling uneval(this) [All]
- #375976 [Core:JavaScript Engine]-Always use vp to root rtmp [All]
- #377090 [Core:JavaScript Engine]-Introduce API to null out and restore cx->fp on a JSContext [Mac]
- #379245 [Core:JavaScript Engine]-Fixing register restoration. [All]
- #380998 [Core:JavaScript Engine]-StackGrowthDirection is not reliable with Sun Studio 11 [Ope]
- #381374 [Core:JavaScript Engine]-Protect sprop across a potential GC [All]
- #382253 [Core:JavaScript Engine]-Proper error recovery for inline calls. [All]
- #382532 [Core:JavaScript Engine]-instanceof, etc. broken by use of |prototype| in heavyweight constructor [All]