Sunday, January 7, 2018

Mozilla Firefox Version 47 0 Released with Security Updates

Mozilla Firefox Version 47 0 Released with Security Updates



FirefoxMozilla sent Firefox Version 47.0.0 to the release channel today.  The update is a major release and includes two (2) critical, five (5) high, four (4) moderate and two (2) low security updates.


The next scheduled release is August 2, 2016.  Firefox ESR will continue to ship point releases on the same day that Firefox ships and can be downloaded from here.

Fixed in Firefox 47

  • 2016-62 Network Security Services (NSS) vulnerabilities
  • 2016-60 Java applets bypass CSP protections
  • 2016-59 Information disclosure of disabled plugins through CSS pseudo-classes
  • 2016-58 Entering fullscreen and persistent pointerlock without user permission
  • 2016-57 Incorrect icon displayed on permissions notifications
  • 2016-56 Use-after-free when textures are used in WebGL operations after recycle pool destruction
  • 2016-55 File overwrite and privilege escalation through Mozilla Windows updater
  • 2016-54 Partial same-origin-policy through setting location.host through data URI
  • 2016-53 Out-of-bounds write with WebGL shader
  • 2016-52 Addressbar spoofing though the SELECT element
  • 2016-51 Use-after-free deleting tables from a contenteditable document
  • 2016-50 Buffer overflow parsing HTML5 fragments
  • 2016-49 Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)


New

  • Support for Google�s Widevine CDM on Windows and Mac OS X so streaming services like Amazon Video can switch from Silverlight to encrypted HTML5 video.
  • Enable VP9 video codec for users with fast machines
  • Embedded YouTube videos now play with HTML5 video if Flash is not installed.
  • View and search open tabs from your smartphone or another computer in a sidebar
  • Allow no-cache on back/forward navigations for https resources
  • Latgalu [ltg] locale added. Wikipedia tells us there are 164,500 daily speakers.

Changed

  • FUEL (Firefox User Extension Library) has been removed. Add-ons relying on it will stop working.
  • The browser.sessionstore.restore_on_demand preference has been reset to its default value (true) to avoid e10s performance problems. Because faster is better!
  • The Firefox click-to-activate plugin whitelist has been removed.

HTML5

  • cuechange events are now available on TextTrack objects
  • WebCrypto: PBKDF2 supports SHA-2 hash algorithms
  • WebCrypto: RSA-PSS signature support

Known Issues

    • Known issue with old invalid paper size printing prefs (Bug 1276717)

    Update

    To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

      References

      • Common questions after updating Firefox
      • Security Updates
      • Mozilla Firefox Release Notes
      • Bug Fixes  
      • Update Release Schedule for 2016



      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...

      Computer security news & information, help, tips, tutorials, and more.
      �2006 - 2017 "Security Garden" By Corrine


      go to link download
      download
      alternative link download
      Posted by at

      No comments:

      Post a Comment

      Note: Only a member of this blog may post a comment.

      Subscribe to: Post Comments (Atom)