Wayne said:
Hello John:[email protected]# said:I wonder why, if it's a patch, they make the download so obscure on
their page. If it's NOT a patch, I'm not going to do a total reinstall
of the program in order to accomplish a simple security fix.
[email protected]# said:I wonder why, if it's a patch, they make the download so obscure on
their page. If it's NOT a patch, I'm not going to do a total reinstall
of the program in order to accomplish a simple security fix.
Kerodo said:There's no patch available. You have to install the entire new package.
Unfortunately 1.7.2 still has some bugs that I find annoying, so I'm
using the latest 1.8.x nightlies, which, strangely enough, seem to be
cleaner.
Wayne said:Hello John:
Don't worry about uninstall. You can run the full install and it will
update accordingly.
I've just did it.
If the security issue doesn't apply to Millennium
Edition, then I guess I wouldn't really need to do the update.
I was unable to discover whether or not this is the case, but I
did find this link:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2
[email protected]# said:By the way, another question I have is which versions of Windows the
security hole affects. If it doesn't affect Millennium Edition, then
there's no need for me to bother with the update.
»Q« said:Those three bugs were in all versions of Mozilla on all platforms.
Kerodo said:I would assume that it affects all versions of Windows...
I just looked up the bugs and yes, they do. Still, I'm not going to
get into this business of updating every week and will take my chances.
My ISP recently upgraded my lowest cost DSL service from 640K to 1500K
download without charging extra (they are meeting competition from a
local internet cable provider). Took only a couple of minutes to d/l
and install 1.7.2 over 1.7.1
I know it would be a PITA on dialup (and on a slow PC). Yet, I'd
probably do it anyway. Seems to me the Moz developers are doing a good
job so far of staying ahead of actual exploits,
unlike the situation
with IE. Makes sense to stay with them, though if I was on dialup I
might limit my downloading of new versions to a max frequency of maybe
once every 2-4 weeks. And it would depend on the severity of the known
vulnerability that was fixed. This last one ... the buffer overflow
and possible hack to root access .... was a surprise ... and very
serious.
(e-mail address removed) wrote:
I'm on a fiber optic connection and downloading is very fast. The
downloading isn't the problem, it's the reconfiguring that's often
necessary afterward. I use several Mozilla extensions and sometimes
some of them quit working when I update.
*sigh* I looked up the bugs and all three bug report pages said that
they affected all OSes and all versions of those OSes listed in the
dropdowns on those pages.
Updating Mozilla for small issues is about as appealing as installing
all the Microsoft "updates" to my OS and-or Internet Explorer. I might
be more inclined to do so if they came as small patches, but
reinstalling the whole program is entirely another deal.
just take my chances and leave things as they are.
It's your computer, but I strongly advise against it. The buffer
overflows in libpng looks very serious.