Mozilla will probably release a Firefox update Friday to patch a bug in the just-released 18.104.22.168 version, according to the company's bug database.
If so, it would mark the first time that Mozilla has released two versions of the open-source browser in the same week.
A bug in rendering "canvas" HTML elements worked its way into Firefox 22.214.171.124, the edition Mozilla released Monday to fix six other vulnerabilities. Canvas elements, which were first used by Apple in its Safari browser, let Web site designers dynamically render bitmap images in HTML. Firefox, Safari and Opera support Canvas natively; Microsoft's Internet Explorer does so with a plug-in.
All editions of Firefox 126.96.36.199 -- for Windows, Mac OS X and Linux -- break pages that include the Canvas element, and cripple at least two Firefox extensions, FoxSaver and Fotofox.
Developer Kevin Han reported the regression bug late Monday, within hours of 188.8.131.52's release. By Tuesday morning, confirmations began pouring into Bugzilla, Mozilla's bug and patch database.
"I can confirm this problem," said Klaus Reimer in a message posted to Bugzilla. "Customers are complaining because their Firefox automatically updated to 184.108.40.206 and now they can no longer order photo prints in our shop. I think this is a very serious problem, and I hope it will be fixed immediately in a 220.127.116.11 update."
By midday Tuesday, developers had come up with a fix for the flaw. A day later, Nick Thomas, one of the developers working on the bug, answered questions about an update schedule. "The release of 18.104.22.168 is tentatively scheduled for Friday, November 30," he said on Bugzilla. "If that comes off, it'll be the fastest turnaround between Firefox releases to date; i.e., it relies on everything in the release process going without a hitch."
In an e-mailed statement, Mike Schroepfer, vice president of engineering for Mozilla, downplayed the extent of the problem. "The bug affects a specific use case of the Canvas tag, which is not yet in wide use," he said.
As for how the flaw slipped through Mozilla's testing process, Schroepfer said: "We used our standard process of releasing a beta to tens of thousands of users and had no reports of this issue prior to the full release of 22.214.171.124. Most importantly, once we became aware of the issue, we worked overtime to address it."
He did not say whether Mozilla would, in fact, deliver Firefox 126.96.36.199 on Friday.
But even if Mozilla meets the rush deadline, the snafu will leave some users very unhappy. "We develop process management Web applications on Oracle that use AJAX [and] Ruby on Rails, and we have gone out of our way to tell our customers that we 'strongly' recommend they use Firefox," said someone identified only as Jonathan on Bugzilla. "This little episode really has egg on our face.
"For a couple of days, we have had an unbearable number of support calls. I would hope this reinforces the need for someone to put in some serious effort on developing a solid and extensive suite of regression tests. This should have NEVER gotten into a public release."
Firefox 3.0 Beta 1, which launched last week, is not affected by the Canvas regression.