Firefox 15 Release Includes Critical Security Updates

Firefox 15 was sent to the release channel today by Mozilla.  Included in the update are seven (7) critical, six (6) high, and three (3) moderate security updates.

Based on the extensive list of security updates, it is recommended that the update be applied as soon as possible.

Please also note that the release of Firefox 15 includes the completion of the inclusion of silent updates.

Security Updates Fixed in Firefox 15

MFSA 2012-72 Web console eval capable of executing chrome-privileged code
MFSA 2012-71 Insecure use of __android_log_print
MFSA 2012-70 Location object security checks bypassed by chrome code
MFSA 2012-69 Incorrect site SSL certificate data display
MFSA 2012-68 DOMParser loads linked resources in extensions when parsing text/html
MFSA 2012-67 Installer will launch incorrect executable following new installation
MFSA 2012-66 HTTPMonitor extension allows for remote debugging without explicit activation
MFSA 2012-65 Out-of-bounds read in format-number in XSLT
MFSA 2012-64 Graphite 2 memory corruption
MFSA 2012-63 SVG buffer overflow and use-after-free issues
MFSA 2012-62 WebGL use-after-free and memory corruption
MFSA 2012-61 Memory corruption with bitmap format images with negative height
MFSA 2012-60 Escalation of privilege through about:newtab
MFSA 2012-59 Location object can be shadowed using Object.defineProperty
MFSA 2012-58 Use-after-free issues found using Address Sanitizer
MFSA 2012-57 Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7)

What's New

The Release Notes include new and fixed features in version 15.  The huge list of Bug Fixes are in the link available in the References below.

• NEW -- Silent, background updates
• NEW -- Support for SPDY networking protocol v3
• NEW -- WebGL enhancements, including compressed textures for better performance
• NEW -- Localization in Maithili (see all available locales)
• CHANGED -- Optimized memory usage for add-ons
• DEVELOPER -- JavaScript debugger integrated into developer tools
• DEVELOPER -- New layout view added to Inspector
• DEVELOPER -- High precision event timer implemented
• DEVELOPER -- The CSS word-break property has been implemented.
• DEVELOPER -- New responsive design tool allows web developers to switch between desktop and mobile views of sites
• HTML5 -- Native support for the Opus audio codec added
• HTML5 -- The audio and video eleents now support the played attribute
• HTML5 -- The element now supports the media attribute
• FIXED -- Focus rings keep growing when repeatedly tabbing through elements (720987)

 Known Issues

• Unresolved -- Debugger breakpoints do not catch on page reload (see 783393) Note, in Resolved in v16
• Unresolved -- If you try to start Firefox using a locked profile, it will crash (see 573369)
• Unresolved -- For some users, scrolling in the main GMail window will be slower than usual (see 579260)
• Unresolved -- Windows: The use of Microsoft's System Restore functionality shortly after updating Firefox may prevent future updates (see 730285)

Update

To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu.

If you do not use the English language version, Fully Localized Versions are available for download.

References

• Common questions after updating Firefox
• Security Updates
• Mozilla Firefox Release Notes
• Bug Fixes 

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...