Mozilla released Firefox 1.5 Beta 1 (code-named Deer Park) on Friday, a preview of the next major release of its popular open-source-based browser.
The company said the beta is intended for the early adopter community, Web site and Web application developers, and Firefox extension developers, and does not come with technical support.
Later in the day, Mozilla also announced it has posted a new workaround for a potentially serious security flaw in which hackers could remotely execute arbitrary code on an affected host.
The final 1.5 version will be released in November or December, Mozilla Corp. products manager Chris Beard told eWEEK.com. Beta 2 is expected in October, he said.
The release, which can be downloaded here, includes faster browser navigation with improvements to back and forward button performance, drag-and-drop reordering for browser tabs, and an upgrade in usability—including descriptive error pages, redesigned options menu, RSS discovery and "safe mode," Mozilla said.
There is added support for Mac OS X (v10.2 and greater), including profile migration from Safari and Mac Internet Explorer, and improvements to its popup blocking, the company said.
In extensions, Answers.com has replaced Dictionary.com for built-in dictionary lookup. "We received a lot of user requests for this," Beard said.
Beard said the application is faster overall thanks to the next-generation Gecko layout engine the application uses.
"There has been a full years worth of development on it, the code is a lot tighter, and it gets pages and renders them faster from the Web," Beard said.
Mozilla has taken a tip from Microsoft Corp. and other software makers in adding an automated update to streamline product upgrades. Notification of updates is more prominent, and updates to Firefox may now be half a megabyte or smaller. Updating extensions has also improved, Mozilla said.
The beta release apparently still has a serious security flaw involving buffer overflows. Security researcher Tom Ferris of Security-Protocols.com posted an advisory and a proof of concept about the buffer overflow security problem to his Web site Thursday night.
"A buffer overflow vulnerability exists within Firefox version 1.0.6 and all other prior versions (including the new beta) which allows for an attacker to remotely execute arbitrary code on a affected host," Ferris said. A bug fix was not issued for the vulnerability with the Friday release.