Wednesday, December 17, 2008

Firefox 3.0.5 Security Update

Mozilla Firefox has been updated to version 3.0.5. To get the update before prompted, click Help > Check for Updates. In addition, version has been released for Firefox 2.

Security Updates in Firefox 3.0.5

MFSA 2008-69 XSS vulnerabilities in SessionStore
MFSA 2008-68 XSS and JavaScript privilege escalation
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
MFSA 2008-65 Cross-domain data theft via script redirect error message
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-63 User tracking via XUL persist attribute
MFSA 2008-60 Crashes with evidence of memory corruption (rv:
In addition to the above securityissues, Firefox 3.0.5 fixes several additional issues found in Firefox 3.0.4:
  • Fixed several stability issues.
  • Official releases for the Bengali, Esperanto, Galician, Hindi, and Latvian languages are now available.
  • Replaced the End-User License Agreement with a new "Know Your Rights" info bar on initial install.
  • When installing multiple signed XPIs simultaneously, previous versions of Firefox would fail.
  • Fixed several issues found in the accessibility implementation.
  • Added the ability to send OS-specific system notes in the crash reporter.
  • See the Firefox 3.0.4 release notes for changes in previous releases.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: