Linux.com

Home News Software Applications Firefox 3.5.1 Released to Patch TraceMonkey Vulnerability

Firefox 3.5.1 Released to Patch TraceMonkey Vulnerability

Article Source Ars Technica
July 19, 2009, 5:35 pm
companion photo for Firefox 3.5.1 released to patch TraceMonkey vulnerability

Mozilla has announced the availability of Firefox 3.5.1, the first minor point release in the 3.5 series. The purpose of this release was largely to patch a critical security vulnerability that was found in the browser's new TraceMonkey JavaScript engine.

In a report submitted to Mozilla's bug tracking system on July 9, Firefox user "zbyte" described a bug that causes the browser to crash when text is typed into an input box in the site apport.ru. Firefox developers attempted to isolate the bug and produce a minimal test case that exhibits the crash. They determined that the apport.ru crasher was triggered by a certain usage of JavaScript's "escape" function, which performs string encoding. The underlying problem, however, is a tracing bug.


 

Comments

Subscribe to Comments Feed

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board