Tuesday, August 16, 2011

Mozilla Firefox 6 Released, Includes Critical Security Updates

In keeping with the rapid release schedule, Mozilla released Firefox 6 today.

As expected when a version update is released, you may find that many of your favorite add-ons are not compatible with the new release.  Use Add-on Compatibility Reporter to test and report on your favorite add-ons in version 6.

What's New

  • The address bar now highlights the domain of the website you're visiting
  • Streamlined the look of the site identity block
  • Added support for the latest draft version of WebSockets with a prefixed API
  • Added support for EventSource / server-sent events
  • Added support for window.matchMedia
  • Added Scratchpad, an interactive JavaScript prototyping environment
  • Added a new Web Developer menu item and moved development-related items into it
  • Improved usability of the Web Console
  • Improved the discoverability of Firefox Sync
  • Reduced browser startup time when using Panorama
  • Fixed several stability issues
  • Fixed several security issues

Fixed in Firefox 6

MFSA 2011-29 includes eight (8) critical and two (2) high security updates.

Miscellaneous memory safety hazards (rv:4.0)
Impact: Critical
Description: Mozilla identified and fixed several memory safety bugs in the browser engine used in Firefox 4, Firefox 5 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
JavaScript crash
Crash in the Ogg reader which affected Firefox 4 and Firefox 5.
Memory safety issues which affected Firefox 4 and Firefox 5.
Unsigned scripts can call script inside signed JAR
Impact: Critical
Description: Unsigned JavaScript could call into script inside a signed JAR thereby inheriting the identity of the site that signed the JAR as well as any permissions that a user had granted the signed JAR.
This is a distinct issue from MFSA 2008-23 and did not affect Firefox 3.6.


String crash using WebGL shaders
Impact: Critical
Description: An overly long shader program could cause a buffer overrun and crash in a string class used to store the shader source code.

Heap overflow in ANGLE library
Impact: Critical
Description: Potentially exploitable heap overflow in the ANGLE library used by Mozilla's WebGL implementation.

Crash in SVGTextElement.getCharNumAtPosition()
Impact: Critical
Description:  A SVG text manipulation routine contained a dangling pointer vulnerability.

Credential leakage using Content Security Policy reports
Impact: High
Description: Content Security Policy violation reports failed to strip out proxy authorization credentials from the list of request headers. Redirecting to a website with Content Security Policy resulted in the incorrect resolution of hosts in the constructed policy.

Cross-origin data theft using canvas and Windows D2D
Impact: High
Description: When using Windows D2D hardware acceleration, image data from one domain could be inserted into a canvas and read by a different domain.


The upgrade to Firefox 6 will be offered through the browser update mechanism.  However, as the upgrade includes critical security updates, it is recommended that the update be applied as soon as possible.  To get the update now, select Help, About Firefox, Check for Updates.


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: