Security Updates in Firefox 3.0.5
MFSA 2008-69 XSS vulnerabilities in SessionStoreIn addition to the above securityissues, Firefox 3.0.5 fixes several additional issues found in Firefox 3.0.4:
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
MFSA 2008-65 Cross-domain data theft via script redirect error message
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-63 User tracking via XUL persist attribute
MFSA 2008-60 Crashes with evidence of memory corruption (rv:18.104.22.168/22.214.171.124)
- Fixed several stability issues.
- Official releases for the Bengali, Esperanto, Galician, Hindi, and Latvian languages are now available.
- Replaced the End-User License Agreement with a new "Know Your Rights" info bar on initial install.
- When installing multiple signed XPIs simultaneously, previous versions of Firefox would fail.
- Fixed several issues found in the accessibility implementation.
- Added the ability to send OS-specific system notes in the crash reporter.
- See the Firefox 3.0.4 release notes for changes in previous releases.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...