Firefox Flaw Leads to Upgrade Encore

 
 
By Matthew Hicks  |  Posted 2005-07-18
 
 
 
A week after being told to update their browsers to fix security holes, Mozilla Firefox users are facing another upgrade in order to patch what the current version broke.

Over the weekend, developers released test builds of Firefox 1.0.6, an upgrade slated to replace a security release introduced last week.

Mozilla Foundation officials said Version 1.0.6 should be available for download within the next few days.

The sudden rush to update Firefox again resulted from the discovery of unintentional API flaws in Firefox 1.0.5, which have caused some incompatibility between the open-source browser and Web-based applications, Web content and software extensions, said Chris Hofmann, Mozillas director of engineering.

"Its a very small percentage of Firefox users that are affected by this directly, but there is a growing number of people building applications, content and extensions that rely on the [browser] platform," Hofmann said.

News of the re-release of Firefox was first reported on Saturday by Mozilla-related Weblogs and enthusiast site MozillaZine.org.

The Firefox browser makes wide use of extensions as a way for developers to add functionality ranging from toolbars to specialized search features.

To read more about last weeks Firefox security update, click here.

Last weeks Firefox 1.0.5 release was for the English-only version, but plans were in the works to follow it with localized versions in other languages. That plan has shifted following the discovery of the API issue.

Now, Mozilla plans to simultaneously release updates to the international versions of Firefox with the English release of Firefox 1.0.6, Hofmann said.

The delay in providing the security-oriented update beyond the English version has upset some developers representing the localized version, who complained on Mozilla blogs about a lack of clear communication from the Mozilla Foundation during the updating process.

The flaws in last weeks release also have delayed the updating of the Mozilla application suite, which bundles together a browser, e-mail application and Web page editing tool. Version 1.7.9 of the suite was due last week.

Click here to read about the Mozilla Foundations plans to stop developing its namesake suite.

Instead, Mozilla is skipping that update and planning to release Version 1.7.10 of the suite along with the Firefox and Thunderbird updates, Hofmann said.

Mozillas Thunderbird e-mail client, which was part of the security releases last week, also will be updated to Version 1.0.6 in order to fix the API flaw.

"Were working toward simultaneous releases of all those things as soon as we can in next couple days," Hofmann said.

Check out eWEEK.coms for the latest news, reviews and analysis about productivity and business solutions.

Rocket Fuel