Firefox 2.0.0.5 Released


praka123
19-07-2007, 07:18 AM
Firefox 2.0.0.5 is available for download. It is mentioned that crashes based on memory corruption are fixed. Let's wait and see ;)
Fixed in Firefox 2.0.0.5

MFSA 2007-25 (http://www.mozilla.org/security/announce/2007/mfsa2007-25.html) XPCNativeWrapper pollution
MFSA 2007-24 (http://www.mozilla.org/security/announce/2007/mfsa2007-24.html) Unauthorized access to wyciwyg:// documents
MFSA 2007-23 (http://www.mozilla.org/security/announce/2007/mfsa2007-23.html) Remote code execution by launching Firefox from Internet Explorer
MFSA 2007-22 (http://www.mozilla.org/security/announce/2007/mfsa2007-22.html) File type confusion due to %00 in name
MFSA 2007-21 (http://www.mozilla.org/security/announce/2007/mfsa2007-21.html) Privilege escalation using an event handler attached to an element not in the document
MFSA 2007-20 (http://www.mozilla.org/security/announce/2007/mfsa2007-20.html) Frame spoofing while window is loading
MFSA 2007-19 (http://www.mozilla.org/security/announce/2007/mfsa2007-19.html) XSS using addEventListener and setTimeout
MFSA 2007-18 (http://www.mozilla.org/security/announce/2007/mfsa2007-18.html) Crashes with evidence of memory corruption
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.5
http://www.mozilla.com/en-US/
Mozilla Firefox 2.0.0.5 Released with Fix for firefoxurl:// Exploit

Wednesday July 18th, 2007

Mozilla Firefox 2.0.0.5 has been released and is currently being distributed to Firefox 2 users via the application's built-in software update system. The browser upgrade fixes several security bugs, which are detailed in the Firefox 2.0.0.5 section of the Mozilla Foundation Security Advisories page (http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.5).
Firefox 2.0.0.5 includes a fix for the firefoxurl:// security exploit (http://www.mozillazine.org/talkback.html?article=22198), which allows an attacker to use Microsoft Internet Explorer to trick Firefox into executing malicious code. Whether Firefox or IE is responsible for the flaw has been a matter of debate over the past week. The Mozilla Foundation security advisory about the firefoxurl:// issue (http://www.mozilla.org/security/announce/2007/mfsa2007-23.html) maintains that it's a problem in IE and notes that other applications could be exploited in the same way. Others have argued that it's Firefox's responsibility to vet incoming data (something 2.0.0.5 now does).
Firefox 2.0.0.5 can be downloaded from the Firefox product page (http://www.mozilla.com/firefox/). The Firefox 2.0.0.5 Release Notes (http://www.mozilla.com/firefox/2.0.0.5/releasenotes/) contain more general information about the upgrade. A similar update for Mozilla Thunderbird is expected shortly.
http://www.mozillazine.org/talkback.html?article=22211

drsethi
19-07-2007, 07:22 AM
Automatically downloaded:D

Third Eye
19-07-2007, 07:53 AM
Thanks for telling

Gigacore
19-07-2007, 08:23 AM
thanks buddy

sabret00the
19-07-2007, 08:26 AM
thanks for the info bro

kumarmohit
19-07-2007, 10:13 AM
Should be included in the Digit disc.

sandeepk
19-07-2007, 11:58 AM
Thanks for the info!!! I was facing problems with memory corruption in 2.0.0.4. Hope that 2.0.0.5 should have fixed it.

vish786
19-07-2007, 12:09 PM
downloading now

a_k_s_h_a_y
19-07-2007, 12:10 PM
automatically updated for me...yesterday noon

ax3
19-07-2007, 12:36 PM
thanks for the info ... downloading right now ...

Zeeshan Quireshi
19-07-2007, 02:36 PM
updated

cooldudie3
19-07-2007, 06:40 PM
It auto-downloaded for me in the update thingy, but thanks for telling, I didn't notice until now :D :D :D :D :D :D

thanks buddy
is there really a gigacore???:confused: :confused: :confused: :o

amol48
19-07-2007, 07:56 PM
Automatically downloaded:D

I second that :-)

digitized
19-07-2007, 08:20 PM
My FF automatically updated itself.

Charan
20-07-2007, 02:22 AM
Still on version 2.0.0.4 ?? "Check for Updates" is Disabled :mad:

morpheusv6
20-07-2007, 03:17 AM
Thanks. Updated.:)

Still on version 2.0.0.4 ?? "Check for Updates" is Disabled :mad:
Then download the setup file from the website or wait for the Digit August or September issue.

freshseasons
20-07-2007, 03:37 AM
What triggers the automatic updating of Firefox?
I don't know, but I have automatic updating turned on and it still isn't updating.
My other machine doesn't even wait for the PC to boot: I fire up Firefox and it starts updating it.
Why this random choosing!

Charan
20-07-2007, 12:47 PM
Then download the setup file from the website or wait for the Digit August or September issue.

Well, I could download it in less than a minute and install. But I didn't know there was an update till I saw this thread :mad:

praka123
20-07-2007, 01:21 PM
FYI, once a month I open my Windows XP SP2 (showpiece ;) ) on the PC, and usually try updating AVG Free, Comodo FW, Spybot S&D, Windows updates and Firefox. That's how I learned about this update. Thought it's worth posting here as it is useful, or at least helps bring the buggy browser a new fix! hehehe!

cooldudie3
20-07-2007, 01:32 PM
is there really such thing as gigacore?

Charan
20-07-2007, 01:50 PM
FYI I'm using Firefox installed in Feisty. Synaptic doesn't show the new update.

praka123
20-07-2007, 01:52 PM
^The updated version will eventually be shown in Synaptic. Though if you're installing from the web, install to /usr/local/firefox/ rather than into your /home/username dir.

Ambar
20-07-2007, 01:52 PM
holy moly....new firefox!!!!!....waiting to try it :p :p

Charan
20-07-2007, 02:21 PM
^The updated version will eventually be shown in Synaptic. Though if you're installing from the web, install to /usr/local/firefox/ rather than into your /home/username dir.

Thanks for the tip. Will do that.

cooldudie3
25-07-2007, 10:50 AM
might fix the memory eating

praka123
25-07-2007, 07:29 PM
Vulnies in another Firefox release too :x I tried, and I have to say it sucks, as with this example website :x
http://www.heise-security.co.uk/services/browsercheck/demos/moz/pass1.shtml
According to a message posted over the weekend on the Full-Disclosure mailing list (http://lists.grok.org.uk/full-disclosure-charter.html), the latest version of Firefox, 2.0.0.5, contains a password management vulnerability that can allow malicious Web sites to steal user passwords. If you have JavaScript enabled and allow Firefox to remember your passwords, you are at risk from this flaw.

The Mozilla team fixed a similar flaw last November (https://bugzilla.mozilla.org/show_bug.cgi?id=3604), one which did not require JavaScript. The heise Security (http://www.heise-security.co.uk/) Web site contains a demo/proof of concept of the vulnerability risk (http://www.heise-security.co.uk/services/browsercheck/demos/moz/pass1.shtml) that you can use to determine your vulnerability.
The original flaw was referred to as reverse cross-site scripting (http://www.securityfocus.com/infocus/1883/1) and was reportedly widely used on Myspace.com.
Note: A reader has pointed out that MySpace.com does not allow Javascript, as originally reported. The reader is correct, although there do seem to be workarounds which result in Javascript executing on some browsers.
Discussions (http://www.heise-security.co.uk/news/93018) between heise Security and Mozilla developers describe a debate among Mozilla developers over removing this feature, since "evil" server pages can steal passwords from browsers whether the user has opted for password management by Firefox or not.
Apple's Safari is vulnerable in the same way. Current workarounds include disabling JavaScript in Firefox or avoiding the use of Firefox password management on sites where users are allowed to post JavaScript pages.

http://www.linux.com/feature/118166
So.. this time it's serious flaws!

Charan
25-07-2007, 07:33 PM
Thank god I don't use much of the password management in FF. Is this vulnerability there in 2.0.0.4 also? Really scary man !!!

praka123
25-07-2007, 07:41 PM
Making a master passwd or disabling java are the options currently available. I hope some browsers like Konqueror (KHTML) or gtkhtml-based browsers arise. Gecko browsers seem very vulnerable these days!