Wednesday, January 3, 2018

Mozilla Firefox Version 45 0 Released with Critical Security Updates

Mozilla Firefox Version 45 0 Released with Critical Security Updates



Firefox
Mozilla sent Firefox Version 45.0 to the release channel.  The update includes eight (8) critical security updates, seven (7) high, six (6) moderate and one (1) low security updates.

Firefox ESR was updated to version 38.7.0.

The next scheduled release is April 19, 2016.

Fixed in Firefox 45


  •     2016-37Font vulnerabilities in the Graphite 2 library
  •     2016-36Use-after-free during processing of DER encoded keys in NSS
  •     2016-35Buffer overflow during ASN.1 decoding in NSS
  •     2016-34Out-of-bounds read in HTML parser following a failed allocation
  •     2016-33Use-after-free in GetStaticInstance in WebRTC
  •     2016-32WebRTC and LibVPX vulnerabilities found through code inspection
  •     2016-31Memory corruption with malicious NPAPI plugin
  •     2016-30Buffer overflow in Brotli decompression
  •     2016-29Same-origin policy violation using perfomance.getEntries and history navigation with session restore
  •     2016-28Addressbar spoofing though history navigation and Location protocol property
  •     2016-27Use-after-free during XML transformations
  •     2016-26Memory corruption when modifying a file being read by FileReader
  •     2016-25Use-after-free when using multiple WebRTC data channels
  •     2016-24Use-after-free in SetBody
  •     2016-23Use-after-free in HTML5 string parser
  •     2016-22Service Worker Manager out-of-bounds read in Service Worker Manager
  •     2016-21Displayed page address can be overridden
  •     2016-20Memory leak in libstagefright when deleting an array during MP4 processing
  •     2016-19Linux video memory DOS with Intel drivers
  •     2016-18CSP reports fail to strip location information for embedded iframe pages
  •     2016-17Local file overwriting and potential privilege escalation through CSP reports
  •     2016-16Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)

New

  • Instant browser tab sharing through Hello
  • Tabs synced via Firefox Accounts from other devices are now shown in dropdown area of Awesome Bar when searching
  • Synced Tabs button in button bar
  • Introduce a new preference (network.dns.blockDotOnion) to allow blocking .onion at the DNS level
  • Guarani [gn] locale added

Fixed

  • URLs containing a Unicode-format Internationalized Domain Name (IDN) are now properly redirected
  • Various security fixes

Changed

  • Tab Groups (Panorama) feature removed

HTML5

  • Push API support, part of Progressive Web Applications
  • Support delivery of a Content Security Policy (CSP) via a meta tag
  • Web Speech synthesis API
  • ES6 Classes

Unresolved

  • On-screen keyboard support was temporarily turned off for Windows 8 and Windows 8.1

Update

To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

    References

    • Common questions after updating Firefox
    • Security Updates
    • Mozilla Firefox Release Notes
    • Bug Fixes 

    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...













    Computer security news & information, help, tips, tutorials, and more.
    �2006 - 2017 "Security Garden" By Corrine


    go to link download
    download
    alternative link download
    Posted by at

    No comments:

    Post a Comment

    Note: Only a member of this blog may post a comment.

    Subscribe to: Post Comments (Atom)