title: New Firefox 1.5 for Red Hat/CentOS link: https://onemoretech.wordpress.com/2008/02/10/new-firefox-15-for-red-hatcentos/ author: lembobro description: post_id: 561 created: 2008/02/10 20:32:51 created_gmt: 2008/02/10 20:32:51 comment_status: open post_name: new-firefox-15-for-red-hatcentos status: publish post_type: post

New Firefox 1.5 for Red Hat/CentOS

From Security Advisory RHSA-2008:0103-7, dated 2008-02-07, entitled “Critical: firefox security update”:

Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)

The new version is officially named firefox-1.5.0.12-9, and just became available from CentOS today.

I have temporarily removed the symlink to my install of Firefox 3 beta and installed this update to see if it cures the problem I had been having with the vendor-supplied version.

The only negative consequence I’ve seen so far is that my bookmarks needed a little trimming due to all the cruft that’s accrued since I started running Firefox 3 beta and Seamonkey.

Postscript:

Well that didn’t last long. I’m editing this post inside a Firefox 2 window on my trusty CentOS laptop. The latest Firefox 1.5 seemed pretty stable at first, but that stability was short lived. As a compromise I’ve gone back to an official Mozilla install of 2.0.0.12, which also crashes quite frequently, but includes a nifty add-on to restore your browser session to what it was before the crash. Unfortunately this doesn’t work where the page is protected by authentication, since your security token is lost with the crash.

Long live open source.

Copyright 2004-2019 Phil Lembo