Firefox 14 was sent to the release channel today by Mozilla. Included in the update are five (5) critical, four (4) high, and five (5) moderate security updates.
Based on the extensive list of security updates, it is recommended that the update be applied as soon as possible.
Security Updates Fixed in Firefox 14
- MFSA 2012-56 Code execution through javascript: URLs
- MFSA 2012-55 feed: URLs with an innerURI inherit security context of page
- MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage
- MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption
- MFSA 2012-51 X-Frame-Options header ignored when duplicated
- MFSA 2012-50 Out of bounds read in QCMS
- MFSA 2012-49 Same-compartment Security Wrappers can be bypassed
- MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden
- MFSA 2012-47 Improper filtering of javascript in HTML feed-view
- MFSA 2012-46 XSS through data: URLs
- MFSA 2012-45 Spoofing issue with location
- MFSA 2012-44 Gecko memory corruption
- MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop
- MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6)
What's New
The Release Notes include new and fixed features in version 14. The numerous Bug Fixes are in the link available in References.
- NEW -- Google searches now utilize HTTPS
- NEW -- Full screen support for Mac OS X Lion implemented
- NEW -- Plugins can now be configured to only load on click (requires an about:config change)
- NEW -- The Awesome Bar now auto-completes typed URLs
- CHANGED -- Improved site identity manager, to prevent spoofing of an SSL connection with favicons
- DEVELOPER -- Pointer Lock API implemented
- DEVELOPER -- New API to prevent your display from sleeping
- DEVELOPER -- New text-transform and font-variant CSS improvements for Turkic languages and Greek
- FIXED -- Various security fixes
- FIXED -- GIF animation can gets stuck when src and image size are changed (743598)
- FIXED -- OS X: nsCocoaWindow::ConstrainPosition uses wrong screen in multi-display setup (752149)
- FIXED -- CSS :hover regression when an element's class name is set by Javascript (758885)
Known Issues
- Unresolved -- If you try to start Firefox using a locked profile, it will crash (see 573369)
- Unresolved -- For some users, scrolling in the main GMail window will be slower than usual (see 579260)
- Unresolved -- Focus rings keep growing when repeatedly tabbing through elements (see 720987)
- Unresolved -- Windows: The use of Microsoft's System Restore functionality shortly after updating Firefox may prevent future updates (see 730285)
Update
The upgrade to Firefox 14. To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu.If you do not use the English language version, Fully Localized Versions are available for download.
References
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
0 comments:
Post a Comment