Firefox 2.0.0.4 changelog

Release Notes | Fixed Security Issues | FTP

  • Adobe Flash Player v9.0.45.0 has been released, which may fix some crashes.
  • Shockwave Player v10.2.0.022 has been released, which may fix some crashes.
  • Java(TM) SE Runtime Environment 6 is now recommended, which may fix some crashes.

    • Bugs fixed for Firefox 2.0.0.4: ~117 in total (~24 crashers, ~2 memory leaks, ~18 regressions, ~2 privacy-related bugs and ~12 which are security-sensitive.)

    General Landings

  • 85872 [Core:Style System (CSS)]-Inheritance from elements with display:table-cell broken [All]
  • 99236 [Core:RDF]-localstore.rdf should be deleted when it is corrupt [All]
  • 247116 [Firefox:Toolbars]-Web pages bounce/shake/jump when “Bookmarks Toolbar Items” is empty and placed to right of menu bar [All]
  • 304690 [Core]-Be a little more careul with inheriting principals [All]
  • 316569 [Core:XTF]-Memory leak in XTF when using nsXTFInterfaceAggregator [All]
  • 346994 [Firefox:File Handling]-Remove leading dot (period) (.) from suggested filename for saving (save file) [All]
  • 356007 [Toolkit:Satchel]-Crashes [@ nsFormFillController::OnTextEntered] [All]
  • 363618 [Firefox:Software Update]-only add What’s New tab on Software update restart [All]
  • 364112 [Core:Satchel]-prevent huge form values (unlikely to be reused) from filling up the user’s formdata file [Mac]
  • 367428 [Core:Network]-Tighten resource protocol parsing [All]
  • 367792 [Core:Java to XPCOM Bridge]-Crash when running Java unit tests that call initXPCOM [All]
  • 368754 [Core:Printing]-[PS] Partially transparent images should blend to white [Lin]
  • 368979 [Toolkit:XULRunner]-Enable to use mozStorage component with xulrunner1.8.1 [Lin]
  • 369216 [Core:XBL]-[FIX]Crash [@ NS_GetInnermostURI] when calling addBinding with null as the second parameter [All]
  • 369410 [Core:Java to XPCOM Bridge]-Provide API for wrapping XPCOM and Java objects [All]
  • 370582 [Firefox:OS Integration]-”Minefield Safe Mode” context menu on windows start menu internet shortcut is broken [Win]
  • 370860 [Firefox:Phishing Protection]-A very long URI hangs under phishing protection code [All]
  • 371123 [Core:XML]-XMLHttpRequest should trigger content policies [All]
  • 371309 [Firefox:Migration]-Migration Wizard explicitly sets a homepage which is wrong when using a distribution [All]
  • 371409 [Firefox:Phishing Protection]-canonicalNum_ fails with 7 hex digits [All]
  • 372236 [Firefox:OS Integration]-Internet Shortcut (.url) icons are now icons of Firefox instead of a page with a Firefox icon on it [Win]
  • 372285 [Core:Cairo]-clean up some cairo checks [All]
  • 373228 [Core:Network]-prevent cookies with long paths from taking too much space [All]
  • 373794 [Core:ImageLib]-EXC_BAD_ACCESS crash with gif image [All]
  • 373908 [Firefox:Software Update]-Software update hangs part way though, chews CPU [Mac]
  • 373952 [Core:GFX: Win32]-CJK native font names are not recognized on non-CJK Windows [Win]
  • 373955 [Core:File Handling]-[FIX]/etc/mailcap takes precedence on GNOME mime preferences [Lin]
  • 374881 [Firefox:Keyboard Navigation]-textbox.focus() causes Up, Down, Page Up, Page Down, Home and End keys to not function on other sites. [Win]
  • 375114 [Firefox:OS Integration]-After MS Office is updated the user is prompted to set Firefox as the default browser even though it already is the default browser [Win]
  • 375196 [Core:Event Handling]-crashes [@ nsVoidArray::RemoveElementsAt][@ nsTextControlFrame::FireOnInput] [All]
  • 375677 [Firefox:Bookmarks]-Deleting 5 or more bookmarks at once in Bookmark Manager (FF 2.0.0.3) seriously messes up the bookmark handling [Win]
  • 375710 [Firefox:Software Update]-Firefox wants to downgrade to 2.0.0.2 from 2.0.0.3 [Win]
  • 376328 [Core:GFX]-normalize file urls used in moz-icon [All]
  • 377017 [Core:Style System (CSS)]-Javascript - crash on accessing a css rule after deleteRule() [@ nsCSSSelector::ToStringInternal] [All]
  • 378795 [Core:Editor]-nsEditorSpellCheck is not automatically picking and setting a dictionary when spellchecker.dictionary is empty [Win]
  • 379722 [Toolkit:XRE Startup]-Starting Firefox or Thunderbird 2.0.0.4 prints “Handling command line!” [Lin]
  • 379738 [Firefox:General]-Error “entry point GetLongPathNameA could not be located” under NT 4.0 starting Firefox 2.0.0.4 RC1 [Win]
  • 380429 [Firefox:Search]-Default search engine not preserved when updating from 2003->2004RC2 [All]

    • Widget Landings

  • 329394 [Toolkit:XUL Widgets]-XUL textbox in XHTML page: focusing gives document.commandDispatcher has no properties [All]
  • 335028 [Core:Widget: Gtk]-Firefox 1.5.0.2 Linux topcrash [@ IM_get_input_context] [Lin]
  • 350018 [Core:Widget: Cocoa]-nsIFrame code returns coordinates with (0, 0) in bottom-left on mac [Mac]
  • 353716 [Core:Widget: Mac]-crash on quit [@ nsMacEventHandler::HandleMouseMoveEvent] or [@ nsMacEventHandler::ConvertOSEventToMouseEvent] [Mac]
  • 359192 [Core:Widget]-Use close button in dialogs in some cases [Mac]
  • 368501 [Core:XP Toolkit/Widgets: Menus]-Table Properties Windows Cut Off [All]
  • 371200 [Core:XP Toolkit/Widgets: XUL]-Every nsXULTooltipListener listens for pref change to update a global variable. [All]
  • 371828 [Core:Widget: Cocoa]-Need to generate events for modifier key events (Cocoa widgets) [Mac]

    • Security Landings

  • 335801 [Core:Security: UI]-Loading a cert URL can make an http page look like https (gold address bar, lock icon) [All]
  • 368126 [Core:Security: PSM]-client abandons SSL connection during bad cert dialogs [All]
  • 370555 [Firefox:Security]-URL bar not always updated when scripts interact with about:blank windows [All]
  • 371375 [Core:Security]-[FIX]Websites can test for URLs visited (pdp Firefox Cache Hack - Firefox History Hack redux) [All]

    • SVG Landings

  • 354587 [Core:SVG]-SVG drawn by javascript incompletely rendered [Lin]
  • 358930 [Core:SVG]-Firefox 2.0 doesn’t respect SVG gradient spreadMethod=”pad” [Lin]
  • 372232 [Core:SVG]-text inside won’t render in FF 2.0.0.2 (it shows in DOM tree). However, it renders inside 2.0.0 and 2.0.0.1. [Win]
  • 376509 [Core:SVG]-Leak of nested [All]

    • Plug-in Landings

  • 282933 [Core:Plug-ins]-Page crashes Firefox [@ nsObjectFrame::PluginNotAvailable] [Win]
  • 299054 [Core:Plug-ins]-Mozilla Plug-In API Proposal: Plugin able to Read Response Headers [All]
  • 373818 [Core:Plug-ins]-Default Plug-in’s InfoPlist.strings is a broken .strings file (typos) [Mac]
  • 375435 [Core:Plug-ins]-URLs requested by plugins should trigger content policies [All]
  • 376395 [Core:Plug-ins]-New version of JEP (0.9.6.1), please land on trunk and branches [Mac]
  • 377779 [Core:Java Embedding Plugin]-New version of JEP (0.9.6.2), please land on trunk and branches [Mac]

    • DOM Landings

  • 172261 [Core:DOM: Level 0]-[FIX]Permission denied to call JS methods defined in Window after pressing back button [All]
  • 343999 [Core:DOM]-window.home() incorrectly handles multiple home pages specified with | [All]
  • 366818 [Core:DOM]-crash [ @ nsDOMConstructor::HasInstance] [Win]
  • 371124 [Core:DOM]-Fix a few crashes caused by a null prototype. [All]
  • 376987 [Core:DOM]-Add missing code to event listener registration helper code. [All]
  • 377356 [Core:DOM]-Move code around to ensure security checks are always done against the right object [All]

    • Layout Landings

  • 000000 [Core:Layout]-Make sure table pseudos are captured when creating listbox content. [All]
  • 280610 [Core:Layout: Form Controls]-Kids of fieldset should have it as style context parent [Lin]
  • 306533 [Core:Layout: Block and Inline]-[FIX">##!!! ASSERTION: out of bounds: 'PRInt32(aIndex) >= 0 && aIndex
  • 317876 [Core:Layout: Tables]-Crash with evil testcase on hovering after reload with display:table-row, display:inherit [Win]
  • 323656 [Core:Layout]-[FIX]Frames with anonymous box inside cause broken inheritance [All]
  • 348492 [Core:Layout:MathML]-Frames not destroyed with and [All]
  • 370092 [Core:Layout: Form Controls]-Focus change between onKeyDown and onKeyPress, allowing to read arbitary files using (Zalewski Firefox focus stealing vulnerability) [All]
  • 370360 [Core:Layout:Tables]-limit array access when a rowspan points to a already pushed row [All]
  • 372237 [Core:Layout]-Be more consistent about skipping out-of-flow frames during deletion. [All]
  • 374193 [Core:Layout]-[FIX]Crash [@ nsCSSFrameConstructor::GetFrameFor] with mtable, th and an xbl binding [All]
  • 374570 [Core:Layout]-constrain popups to frame area [All]
  • 377216 [Core:Layout]-Recalc quotes and counters before reflow. [All]
  • 377603 [Core:Layout]-[FIX]Inner tables should not get parent style based on outer table pseudo [All]
  • 378273 [Core:Layout]-Lookup the view again since WillPaint() might lead to its destruction. [All]

    • RSS Feed Landings

  • 357371 [Firefox:RSS Discovery and Preview]-update URL used for default Google Reader plugin [All]
  • 372283 [Firefox:RSS Discovery and Preview]-preview layout issues when feed includes html in CDATA [Win]
  • 373340 [Firefox:RSS Discovery and Preview]-atom:logo in feed reading view [All]
  • 373546 [Firefox:RSS Discovery and Preview]-URIs in are recognized as valid links of feed items in the feed reading view [All]
  • 375215 [Firefox:RSS Discovery and Preview]-FeedWriter fails for feeds with text/html content type [All]
  • 375588 [Firefox:RSS Discovery and Preview]-FeedWriter should pull image from accessor, not property bag [Lin]

    • JavaScript Engine Landings

  • 000000 [Core:JavaScript Engine]-More script object ordering issues [All]
  • 361856 [Core:JavaScript Engine]-Assertion failure: overwriting @ js_AddScopeProperty with certain watcher functions [All]
  • 366975 [Core:JavaScript Engine]-js_NewGCThing asserts !flbase[flindex] because it assumes GC stays locked across last-ditch GC [Lin]
  • 367630 [Core:JavaScript Engine]-Save SP before potentially calling out of the JS engine. [All]
  • 368213 [Core:JavaScript Engine]-Crash [@ js_EmitTree] with group assignment and sharp variable definition [All]
  • 368859 [Core:JavaScript Engine]-large sharp variable numbers are silently rounded down [All]
  • 369404 [Core:JavaScript Engine]-Assertion failure: !SPROP_HAS_STUB_SETTER(sprop) || (sprop->attrs & JSPROP_GETTER) [All]
  • 369666 [Core:JavaScript Engine]-inner function declaration in let-induced outer function body block gets wrong scope [All]
  • 369805 [Core:JavaScript Engine]-”Assertion failure: cx->lockedSealedScope != newscope” in jslock.c on startup [All]
  • 370490 [Core:JavaScript Engine]-Spidermonkey 1.6 release and HEAD fail to build with JS_C_STRINGS_ARE_UTF8 due to use of cx in jsopcode.c [All]
  • 373072 [Core:JavaScript Engine]-XML.prototype.namespace() does not check for xml list [All]
  • 373082 [Core:JavaScript Engine]-Simpler sharing of XML and XMLList functions [All]
  • 374106 [Core:JavaScript Engine]-E4X XMLList.contains halts execution when there is a complex match [Mac]
  • 374112 [Core:JavaScript Engine]-This use of E4X setName causes “Assertion failure: !IS_EMPTY(nameqn->uri)” [Mac]
  • 374116 [Core:JavaScript Engine]-Crash [@ JS_GetPrivate] with E4X [All]
  • 374160 [Core:JavaScript Engine]-Crash [@ JS_InstanceOf] with E4X..@c[0] = 3 [Mac]
  • 374877 [Core:JavaScript Engine]-Update JS_GetImplementationVersion() for 1.6.1/1.7rc [All]
  • 375711 [Core:JavaScript Engine]-Change the order of these operations. [All]
  • 377896 [Core:JavaScript Engine]-StartNonListXMLMethod should contain return NULL, not return JS_FALSE [All]

    • Leave a Reply