Curious as to how you came to that particular mem cache amount (16384)?
UserAgent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1
Mozilla Firefox 1.5.0.1 released
Moderators: Antony, Edward, profman, Ramona
25 posts
• Page 2 of 2 • 1, 2
by Ramona » Fri 03 Feb, 2006 2:59 pm
Thanks! I did find a table for the setting in :Bug #296538
Here's a table comparing the default cache sizes for common RAM sizes:
RAM ------- current -- proposed
32 MB ------- 2 MB ---- 2 MB
64 MB ------- 4 MB ---- 4 MB
128 MB ------ 8 MB ---- 6 MB
256 MB ---- 14 MB --- 10 MB
512 MB ---- 22 MB --- 14 MB
1024 MB --- 32 MB --- 18 MB
2048 MB --- 44 MB --- 24 MB
4096 MB --- 58 MB --- 30 MB
Here's a table comparing the default cache sizes for common RAM sizes:
RAM ------- current -- proposed
32 MB ------- 2 MB ---- 2 MB
64 MB ------- 4 MB ---- 4 MB
128 MB ------ 8 MB ---- 6 MB
256 MB ---- 14 MB --- 10 MB
512 MB ---- 22 MB --- 14 MB
1024 MB --- 32 MB --- 18 MB
2048 MB --- 44 MB --- 24 MB
4096 MB --- 58 MB --- 30 MB
UserAgent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1
-
Ramona - Moderator
- Posts: 2376
- Joined: Wed 19 Jun, 2002 3:50 pm
- Location: Midwest USA
by J-M » Fri 03 Feb, 2006 4:42 pm
Security issues fixed in this 1.5.0.1 release were rated as 'Highly Critical' (4/5) at
http://secunia.com/advisories/18700/
and as 'Critical Risk' (4/4) at
http://www.frsirt.com/english/advisories/2006/0413 .
From SA18700:
From FrSIRT/ADV-2006-0413:
These reporters are well known from previous security advisories too.
Secunia lists no SeaMonkey issues.
Eight Mozilla Foundation Security Advisories MFSA2006-01..MFSA2006-08 from Mozilla.org are listed at http://www.mozilla.org/projects/securit ... ml#Firefox .
http://secunia.com/advisories/18700/
and as 'Critical Risk' (4/4) at
http://www.frsirt.com/english/advisories/2006/0413 .
From SA18700:
Description:
Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, potentially disclose sensitive information, and potentially compromise a user's system.
From FrSIRT/ADV-2006-0413:
Technical Description:
Multiple vulnerabilities were identified in Mozilla Suite, Mozilla Firefox and Thunderbird, which may be exploited by remote attackers to take complete control of an affected system or bypass security restrictions.
Credits
Vulnerabilities reported by Igor Bukanov, Martijn Wargers, ZIPLOCK, Georgi Guninski, moz_bug_r_a4, Johnny Stenback and Brendan Eich.
These reporters are well known from previous security advisories too.
Secunia lists no SeaMonkey issues.
Eight Mozilla Foundation Security Advisories MFSA2006-01..MFSA2006-08 from Mozilla.org are listed at http://www.mozilla.org/projects/securit ... ml#Firefox .
UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fi-FI; rv:1.7.12) Gecko/20050919 Firefox/1.0.7
-
J-M - diamond member
- Posts: 815
- Joined: Sun 25 Jul, 2004 9:16 am
- Location: Helsinki, Finland
by Hendikins » Sat 04 Feb, 2006 6:45 am
Pu7o wrote:It doesn't speed up firefox/seamonkey at all, in fact, it makes it slower, by limiting the memory that it can use.
Reducing the memory cache to 16MB or even 8MB will not slow down the browser.
For a list of tips to reduce memory usage, and information on why Firefox chews up memory, see The one and only "Memory usage" thread & FQA at MozillaZine.
UserAgent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a1) Gecko/20060128 SeaMonkey/1.5a
Last edited by Hendikins on Sat 04 Feb, 2006 6:47 am, edited 1 time in total.
-
Hendikins - Lurking Wolfox
- Posts: 617
- Joined: Mon 26 Aug, 2002 5:21 am
- Location: All stations to Zig Zag via the North Shore Line
by profman » Sat 04 Feb, 2006 3:08 pm
Hendikins wrote:For a list of tips to reduce memory usage, and information on why Firefox chews up memory, see The one and only "Memory usage" thread & FQA at MozillaZine.
Hendikins: Thanks for the info and link! I'll be reading that info when I get the time.
UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915
profman, the mad chemist
Moderator of SillyDog Forums
User of Thunderbird 2.0.0.x & Firefox 3.x
Try Forum Search
Moderator of SillyDog Forums
User of Thunderbird 2.0.0.x & Firefox 3.x
Try Forum Search
-
profman - Moderator
- Posts: 1528
- Joined: Wed 11 Sep, 2002 8:00 pm
by Don_HH2K » Sat 04 Feb, 2006 4:36 pm
Secunia released advisory 18700 relating to seven different individual security holes yesterday. According to Secunia, these holes are patched in 1.5.0.1.
I'd wager that since Firefox 1.5.0.1 was built off 20060111's source, Seamonkey 1.0 Final (released 20060130) would also be unaffected.
Secunia wrote:Description:
Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, potentially disclose sensitive information, and potentially compromise a user's system.
1) Some errors in the JavaScript engine where certain temporary variables are not properly protected may be exploited to execute arbitrary code via a user-defined method triggering garbage collection.
One of the vulnerabilities affects only version 1.5. The other affects version 1.5 and prior.
2) An error in the dynamic style handling can be exploited to reference freed memory by changing the style of an element from "position:relative" to "position:static".
Successful exploitation may allow execution of arbitrary code.
The vulnerability has been reported in version 1.5.
3) An error in the "QueryInterface" method of the Location and Navigator objects can be exploited to cause a memory corruption.
Successful exploitation may allow execution of arbitrary code.
The vulnerability has been reported in version 1.5.
4) An input validation error in the processing of the attribute name when calling "XULDocument.persist()" can be exploited to inject arbitrary XML and JavaScript code in "localstore.rdf", which will be executed with the permissions of the browser the next time the browser starts up again.
5) Some integer overflows in the E4X, SVG, and Canvas functionalities may be exploited to execute arbitrary code.
The vulnerabilities have been reported in version 1.5.
6) A boundary error in the "nsExpatDriver::ParseBuffer()" function in the XML parser may be exploited to disclose data on the heap.
The vulnerability does not affect version 1.0.
7) The internal "AnyName" object of the E4X functionality is not properly protected. This can be exploited to create a communication channel between two windows or frames having different domains.
This does not pose any direct risks and does not allow bypass of same-origin restrictions or disclosure of web content from other domains.
The vulnerability does not affect version 1.0.
I'd wager that since Firefox 1.5.0.1 was built off 20060111's source, Seamonkey 1.0 Final (released 20060130) would also be unaffected.
UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060130 Donzilla/1.1PR1 (WML/1.3)
Laptop: HP Compaq nx6325 - Turion 64 X2 @ 2GHz, 2GB DDR2, 100GB HD, ATI Radeon X300, 15" LCD, Seven Pro
Handheld: Palm Treo 650 - Intel PXA270 @ 312MHz, 10MB RAM, 32MB flash, 2.7" LCD, Palm OS 5.4
Handheld: Palm Treo 650 - Intel PXA270 @ 312MHz, 10MB RAM, 32MB flash, 2.7" LCD, Palm OS 5.4
-
Don_HH2K - Moderator
- Posts: 5112
- Joined: Sun 09 May, 2004 3:59 pm
by Hendikins » Sat 04 Feb, 2006 9:06 pm
Correct. The security issues fixed in Firefox 1.5.0.1 were also fixed in the SeaMonkey 1.0 release.
Note that there is also additional undisclosed stuff that we won't know about until after Firefox 1.0.8 is released.
Note that there is also additional undisclosed stuff that we won't know about until after Firefox 1.0.8 is released.
UserAgent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a1) Gecko/20060128 SeaMonkey/1.5a
-
Hendikins - Lurking Wolfox
- Posts: 617
- Joined: Mon 26 Aug, 2002 5:21 am
- Location: All stations to Zig Zag via the North Shore Line
by J-M » Sun 05 Feb, 2006 12:35 am
Don_HH2K wrote:Secunia released advisory 18700 relating to seven different individual security holes yesterday. According to Secunia, these holes are patched in 1.5.0.1.
This was covered at posting #69888 including Secunia and FrSIRT advisory links about fixes in release 1.5.0.1
Thanks for the full Secunia description text.UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fi-FI; rv:1.7.12) Gecko/20050919 Firefox/1.0.7
-
J-M - diamond member
- Posts: 815
- Joined: Sun 25 Jul, 2004 9:16 am
- Location: Helsinki, Finland
by J-M » Wed 08 Feb, 2006 5:51 pm
One of the Mozilla's security advisories;
http://www.mozilla.org/security/announc ... 06-04.html
was updated on 7th Feb. to include Critical Severity level:
http://www.mozilla.org/security/announc ... 06-04.html
was updated on 7th Feb. to include Critical Severity level:
Update (7 February 2006)
H D Moore of the Metasploit Project published a working exploit on milw0rm for the Linux and Mac OS X versions of Firefox 1.5. Severity upgraded to critical.
UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fi-FI; rv:1.7.12) Gecko/20050919 Firefox/1.0.7
-
J-M - diamond member
- Posts: 815
- Joined: Sun 25 Jul, 2004 9:16 am
- Location: Helsinki, Finland
25 posts
• Page 2 of 2 • 1, 2
Return to Firefox, SeaMonkey and Netscape
Who is online
Registered users: Google [Bot]
