Thanks to grnemo for the heads up...
On Thursday of last week, Mozilla released a minor upgrade to Firefox which included seven security fixes, four of which the company considered "critical." In addition to the patches, the update also included improvements to the product"s stability. Of the critical updates, a RSA signature forgery flaw, a memory corruption vulnerability, and two JavaScript issues were remedied.
Updates to 1.5.0.7 include:
- Improvements to product stability
- Several security fixes:
- MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7)
- MFSA 2006-62 Popup-blocker cross-site scripting (XSS)
- MFSA 2006-61 Frame spoofing using document.open()
- MFSA 2006-60 RSA Signature Forgery
- MFSA 2006-59 Concurrency-related vulnerability
- MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing
- MFSA 2006-57 JavaScript Regular Expression Heap Corruption