Password Bug Fixed Sooner Than Expected in Firefox 3.0.3
Mozilla released Firefox 3.0.3 with fix for a problem where users were unable to retrieve saved passwords or save new passwords. For some users, ever since upgrading, the new Firefox did not remember passwords or asked if passwords should be saved, even with preferences set to “Remember passwords for sites” and without exceptions in the “exeptions” box. It happened for every site that requires a password.
Just a day after it released Firefox 3.0.2 to fix 11 vulnerabilities, Mozilla Corp. said that an overlooked password bug requires a fast-track update it hopes to launch next week. Late Wednesday, Mike Beltzner, Mozilla’s director of Firefox, said that the bug, which prevents some users from accessing their browser-saved passwords, means another update is necessary. “While this doesn’t affect all Firefox users, it is a significant regression and has triggered a fast-release Firefox 3.0.3 which will contain a single fix,” Beltzner said in a message to the mozilla.dev.planning group.
The bug popped up in Firefox 3.0.2, which Mozilla released Tuesday, after developers added a fix to make the browser’s password manager work on international domain name (IDN) sites. IDN sites are those that have non-ASCII characters in their URLs, such as addresses with Arabic, Hebrew or Chinese characters, or ones with non-English diacritical marks.
According to Beltzner, users who have saved passwords on IDN sites or some non-English domains will be unable to access those passwords or save any new passwords after updating to Firefox 3.0.2. “There is no permanent data loss, the saved data is just inaccessible,” Beltzner noted.
A fix for the password regression bug is already available through Firefox update mechanism.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.