FF 3.6.25 is here!
Posted by: jmillar
Date: August 18, 2011 12:05AM

The last of the 3.6 releases? Let's hope not!



Edited 1 time(s). Last edit at 12/16/2011 03:08AM by JujuLand.

Re: FF 3.6.20 is here!
Posted by: jmillar
Date: August 18, 2011 06:44PM

I've bumped up Fred's 3.6.16 based version to 3.6.20 following the indications on
http://kmeleon.sourceforge.net/forum/read.php?2,117672 Seems to work for me! I don't know if there are any remaining security issues.

Re: FF 3.6.20 is here!
Posted by: 4td8s
Date: August 22, 2011 10:44AM

Quote
jmillar
The last of the 3.6 releases? Let's hope not!

you mean FF 3.6.20.

it seems that 3.6.20 won't be the last release for Firefox 3.6, jmillar.
an FF 3.6.21 is being planned for release near the end of September.

Re: FF 3.6.20 is here!
Posted by: jmillar
Date: August 24, 2011 03:48AM

Quote
4td8s
Quote
jmillar
The last of the 3.6 releases? Let's hope not!

you mean FF 3.6.20.

it seems that 3.6.20 won't be the last release for Firefox 3.6, jmillar.
an FF 3.6.21 is being planned for release near the end of September.

Excellent news,thanks!

Re: FF 3.6.20 is here!
Posted by: 4td8s
Date: August 31, 2011 06:00AM

it appears that Firefox 3.6.21 will be released ahead of schedule to deal with a recent security flaw mentioned in this Mozilla Security blog.

but FF 3.6.21 won't be the last release of FF 3.6. an FF 3.6.22 release will be coming on Sept. 27 instead of 3.6.21.

Re: FF 3.6.20 is here!
Posted by: deadlock
Date: August 31, 2011 06:34AM

@4td8s
Is it the same DigiNotar Root CA Certificate as in GRE 1.9.1.19?

Issued on: 2007-05-16
Expires on: 2025-03-31
Serial Number: 0C:76:DA:9C:91:0C:4E:2C:9E:FE:15:D0:58:93:3C:4C

Would add it to to 1.9.1 patches for KM 1.6.x too.



Edited 1 time(s). Last edit at 08/31/2011 06:35AM by deadlock.

Re: FF 3.6.20 is here!
Posted by: ndebord
Date: August 31, 2011 11:05AM

Quote
deadlock
@4td8s
Is it the same DigiNotar Root CA Certificate as in GRE 1.9.1.19?

Issued on: 2007-05-16
Expires on: 2025-03-31
Serial Number: 0C:76grinning smileyA:9C:91:0C:4E:2C:9E:FE:15grinning smiley0:58:93:3C:4C

Would add it to to 1.9.1 patches for KM 1.6.x too.

deadlock,

Any idea if certificate patrol can be adapted for KM?

Tks.

N

Re: FF 3.6.20 is here!
Posted by: deadlock
Date: August 31, 2011 01:28PM

@ndebord
>Any idea if certificate patrol can be adapted for KM?

It is a chrome package.
The manifest has to be renamed and
adapted for K-meleon.

I made a new neterror page with cert-viewer and manager.
Isn't that enough? tongue sticking out smiley
But even the old pippki stuff required changes in KM.

Go ahead and try yourself first.

I'm starting with those windows sizing bugs in chrome.
Did you compile the GRE last weekend?



Edited 1 time(s). Last edit at 08/31/2011 01:29PM by deadlock.

Re: FF 3.6.20 is here!
Posted by: guenter
Date: September 01, 2011 12:34AM

Quote
4td8s

but FF 3.6.21 won't be the last release of FF 3.6. an FF 3.6.22 release will be coming on Sept. 27 instead of 3.6.21.

Who says so?

http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/

Quote
Mozilla Security Blog
• Firefox for Windows, Mac and Linux (3.6.21 final release)


Re: FF 3.6.20 is here!
Posted by: ndebord
Date: September 01, 2011 01:44AM

Quote
deadlock
@ndebord
>Any idea if certificate patrol can be adapted for KM?

It is a chrome package.
The manifest has to be renamed and
adapted for K-meleon.

I made a new neterror page with cert-viewer and manager.
Isn't that enough? tongue sticking out smiley
But even the old pippki stuff required changes in KM.

Go ahead and try yourself first.

I'm starting with those windows sizing bugs in chrome.
Did you compile the GRE last weekend?

No, did not do it, ran out of time (job) and am not generally comfortable compiling. Will try though.... have done it once properly, some time ago and then failed on more than one try. <sigh>

Aside: I think it would be nice if we could have a structured extensions page, with search and alphabetical listings, no?

N



Edited 1 time(s). Last edit at 09/01/2011 01:45AM by ndebord.

Re: FF 3.6.20 is here!
Posted by: deadlock
Date: September 01, 2011 02:22AM

Quote
ndebord
Aside: I think it would be nice if we could have a structured extensions page, with search and alphabetical listings, no?

I don't know what you're talking about.

Something like resources?

Re: FF 3.6.20 is here!
Posted by: ndebord
Date: September 01, 2011 02:56AM

Quote
deadlock
Quote
ndebord
Aside: I think it would be nice if we could have a structured extensions page, with search and alphabetical listings, no?

I don't know what you're talking about.

Something like resources?

deadlock,

Sorry, wasn't too clear. This site:

http://kmext.sourceforge.net/

Would like to see it easier to navigate, but that is not something for now, merely a long-term wish.

N

Re: FF 3.6.20 is here!
Posted by: ndebord
Date: September 01, 2011 10:56AM

Quote
deadlock
@ndebord
>Any idea if certificate patrol can be adapted for KM?

It is a chrome package.
The manifest has to be renamed and
adapted for K-meleon.

I made a new neterror page with cert-viewer and manager.
Isn't that enough? tongue sticking out smiley
But even the old pippki stuff required changes in KM.

Go ahead and try yourself first.

I'm starting with those windows sizing bugs in chrome.
Did you compile the GRE last weekend?

Deadlock,

Looks like the Dutch exploit on Certs was far greater than initially reported.

http://www.pcworld.com/article/239261/hackers_may_have_stolen_over_200_ssl_certificates.html

N

Re: FF 3.6.20 is here!
Posted by: deadlock
Date: September 02, 2011 12:28PM

@ndebord
>to see it easier to navigate

You can make your own one?

>Looks like the Dutch exploit on Certs
>was far greater than initially reported.

You can provide a patch for users
or build a GRE without those 200 certs
if a full list of bad certs is made available.

What happens if modern browsers detect
a stolen/blacklisted certificate?

Re: FF 3.6.20 is here!
Posted by: guenter
Date: September 02, 2011 07:25PM

Quote
deadlock

>Looks like the Dutch exploit on Certs
>was far greater than initially reported.

You can provide a patch for users
or build a GRE without those 200 certs
if a full list of bad certs is made available.

What happens if modern browsers detect
a stolen/blacklisted certificate?

The problem is that no full list is available yet.
They simply do not know. And worse - they have defaulted to disclose the full extent of the breach immidiately. So You could argue they are not to be trusted anymore.

Other browser vendors seem to have revoked/removed the root certificate of this certificates authority/vendor because the extent of the breach is not clear yet.

K-Meleon project can easily remove that root certificate also - even after the GRE has been build. Even the users can do it themselves.

After that it says: unknown certificate or authority when one of their certs is encountered. smiling smiley



Edited 1 time(s). Last edit at 09/02/2011 07:29PM by guenter.

Re: FF 3.6.20 is here!
Posted by: JamesD
Date: September 06, 2011 02:40AM

Quote
guenter
K-Meleon project can easily remove that root certificate also - even after the GRE has been build. Even the users can do it themselves.

Are there instructions for doing this? I think I should remove the certificates from DigiNotar.

Edit: OK, I found it under TOOLS.



Edited 1 time(s). Last edit at 09/06/2011 02:50AM by JamesD.

Re: FF 3.6.20 is here!
Posted by: ndebord
Date: September 08, 2011 10:03AM

Quote
JamesD
Quote
guenter
K-Meleon project can easily remove that root certificate also - even after the GRE has been build. Even the users can do it themselves.

Are there instructions for doing this? I think I should remove the certificates from DigiNotar.

Edit: OK, I found it under TOOLS.

JamesD,

Help me out. I can find the certificate, but I can't seem to delete it. (nor view, edit, etc., do anything to it.)

P.S. I know that in FireFox, it is XUL:

certManager.xul

Which you can manually edit, but where in K-Meleon?

N



Edited 1 time(s). Last edit at 09/08/2011 10:30AM by ndebord.

Re: FF 3.6.20 is here!
Posted by: 4td8s
Date: September 08, 2011 10:25AM

Quote
4td8s

but FF 3.6.21 won't be the last release of FF 3.6. an FF 3.6.22 release will be coming on Sept. 27 instead of 3.6.21.

ah I take it back. Firefox 3.6.22 was released yesterday (a "chemspill" release).

so that means on Sept. 27, an FF 3.6.23 release would be coming that day.
then again, things could change unexpectedly.

Re: FF 3.6.20 is here!
Posted by: guenter
Date: September 08, 2011 08:52PM

Quote
ndebord

I can find the certificate, but I can't seem to delete it. (nor view, edit, etc., do anything to it.)

P.S. I know that in FireFox, it is XUL:

certManager.xul

Which you can manually edit, but where in K-Meleon?

1.) When You delete DigiNotar - it does not disappear permanently.
The entry reappears the next time You open the certManager.xul.

But something has changed. You can see that when You go to the tab Authorities and activate at it with Your mouse @ the line "DigiNotar Root CA" & then press at the bottom "Edit" to get the editor popup.

In the editor: After deleting DigiNotar the marks at "This certificate can identify web sites" & "This certificate can identify software makers" are gone.

2) The certManager.xul of K-Meleon is called from:
Tools -> Privacy -> View Data -> View Certificates

3.) The screenshot shows the certManager.xul in action & the "Edit" popup before DigiNotar is deleted which removes the 2 checkmarks. You can alternatively edit and remove the two checkmarks manually.






Edited 2 time(s). Last edit at 09/09/2011 01:36AM by guenter.

Attachments: certs.gif (34.4 KB)  
Re: FF 3.6.20 is here!
Posted by: ndebord
Date: September 08, 2011 09:57PM

Thanks Guenter, I was trying to edit from the description line, not the actual cert. So, yes it works and I'm just stoopid.

N

Re: FF 3.6.20 is here!
Posted by: ndebord
Date: September 09, 2011 12:58AM

Guenter,


Looks like the contagion has spread.

http://www.theregister.co.uk/2011/09/07/globalsign_suspends_ssl_cert_biz/

N

Re: FF 3.6.20 is here!
Posted by: Mister M
Date: September 15, 2011 09:33AM

Hi.

I've not used Firefox in many years, but I'd like to ask if this version is as fast as KM 1.54?

I am running it on a 11 year old p3 machine. Will 3.6 run as fast as KM?

Thank you for any answers! ;)

Re: FF 3.6.20 is here!
Posted by: ndebord
Date: September 15, 2011 11:38AM

Quote
Mister M
Hi.

I've not used Firefox in many years, but I'd like to ask if this version is as fast as KM 1.54?

I am running it on a 11 year old p3 machine. Will 3.6 run as fast as KM?

Thank you for any answers! ;)

Mister M,

I am running KM 1.6.0beta2 on XP PRO SP3, on an old Pentium M Thinkpad, circa 2003 if memory serves.

N

Re: FF 3.6.20 is here!
Posted by: 4td8s
Date: October 05, 2011 01:07AM

Quote
jmillar

Excellent news,thanks!

and more good news about FF 3.6, an upcoming 3.6.24 release is scheduled to come out sometime in November along with FF 8.0.

Firefox 3.6 refuses to die. ah yes! grinning smiley



Edited 1 time(s). Last edit at 10/05/2011 01:08AM by 4td8s.

FF 3.6.x support
Posted by: future
Date: October 23, 2011 07:00PM
Re: FF 3.6.x support
Posted by: 4td8s
Date: November 11, 2011 09:37AM

Firefox 3.6.24 has been released a few days ago. download it from here.

Re: FF 3.6.20 is here!
Posted by: Yogi
Date: November 12, 2011 04:27AM

Quote
4td8s
Firefox 3.6 refuses to die. ah yes! grinning smiley

I don't use Fx, K-Meleon being my work horse and Opera my secondary browser.
Nonetheless I download sometimes releases of Fx (8.0/3.6.24) in order to test.
It seems that 3.6 is maintained only for security fixes. Rendering engines aren't the same. So some pages get rendered differently.
Example, the red bar at the top.

Re: FF 3.6.20 is here!
Posted by: Type Inference
Date: November 12, 2011 08:28PM
Re: FF 3.6.20 is here!
Posted by: Who cares?
Date: November 13, 2011 05:17AM

Quote
Type Inference
Firefox 9.0 and Firefox 10.0 is much, much faster than outdated Firefox 3.6 and Kmeleon.

http://blog.mozilla.com/futurereleases/2011/11/10/firefoxbeta9/

http://blog.mozilla.com/futurereleases/2011/11/10/type-inference-to-firefox-beta/

http://blog.mozilla.com/futurereleases/2011/11/11/firefoxaurora10/

Even basic stuff like JPEG decoding, modern Firefox is over 2x faster than 3.6.

https://bugzilla.mozilla.org/show_bug.cgi?id=573948

ffOX has a less sophisticated interface, which cuts down basic browsing efficiency.

Who cares for ffOX`s faster JavaScript execution?

Re: FF 3.6.20 is here!
Posted by: Yogi
Date: November 13, 2011 07:12AM

Quote
Type Inference
Firefox 9.0 and Firefox 10.0 is much, much faster than outdated Firefox 3.6 and Kmeleon.

Have you already tested Firefox 10?
At least I've tested Firefox 8.0 against K-Meleon 1.6b2. Nine times out of ten I have JavaScript disabled. It is the default setting in my browser. So I tested with scripting disabled. On my broadband connection I can hardly notice any speed difference. I had the (subjective?) impression that K-Meleon was snappier. Nevertheless there was a huge diference. Firefox needs the double amount of resources. It is a real hog compared to K-Meleon. Moreover I missed a lot of features and conveniences K-Meleon offers by default. Of course there are tons of extensions for Firefox which could add all those features and conveniences I've missed. However those extensions might also cause some troubles. In case you are lucky and they don't, you will have to pray so that they will still work after the next upgrade.
So far K-Meleon is still my winner but each to his own.



Edited 1 time(s). Last edit at 11/13/2011 07:15AM by Yogi.

K-Meleon forum is powered by Phorum.