Tuesday, March 18, 2014

Mozilla Firefox 28.0 Released with Critical Updates


Mozilla sent Firefox Version 28.0 to the release channel.  The update includes five (5) Critical, three (3) High, seven (7) Moderate and two (2) Low security updates.

Edit Note:  These updates address the four holes in the PWN2OWN Competition. 

Fixed in Firefox 28

  • MFSA 2014-32 Out-of-bounds write through TypedArrayObject after neutering
  • MFSA 2014-31 Out-of-bounds read/write through neutering ArrayBuffer objects
  • MFSA 2014-30 Use-after-free in TypeObject
  • MFSA 2014-29 Privilege escalation using WebIDL-implemented APIs
  • MFSA 2014-28 SVG filters information disclosure through feDisplacementMap
  • MFSA 2014-27 Memory corruption in Cairo during PDF font rendering
  • MFSA 2014-26 Information disclosure through polygon rendering in MathML
  • MFSA 2014-25 Firefox OS DeviceStorageFile object vulnerable to relative path escape
  • MFSA 2014-24 Android Crash Reporter open to manipulation
  • MFSA 2014-23 Content Security Policy for data: documents not preserved by session restore
  • MFSA 2014-22 WebGL content injection from one domain to rendering in another
  • MFSA 2014-21 Local file access via Open Link in new tab
  • MFSA 2014-20 onbeforeunload and Javascript navigation DOS
  • MFSA 2014-19 Spoofing attack on WebRTC permission prompt
  • MFSA 2014-18 crypto.generateCRMFRequest does not validate type of key
  • MFSA 2014-17 Out of bounds read during WAV file decoding
  • MFSA 2014-16 Files extracted during updates are not always read only
  • MFSA 2014-15 Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)

What’s New

  • NEW -- VP9 video decoding implemented
  • NEW -- Mac OS X: Notification Center support for web notifications
  • NEW -- Volume control for HTML5 audio/video
  • NEW -- Support for Opus in WebM
  • CHANGED -- Now that spdy/3 is implemented, support for spdy/2 has been removed; servers without spdy/3 will negotiate to http/1 without any penalty
  • DEVELOPER -- Support for MathML 2.0 'mathvariant' attribute
  • DEVELOPER -- Background thread hang reporting
  • DEVELOPER -- Support for multi-line flexbox in layout
  • FIXED -- Various security fixes

Known Issues

  • Unresolved -- Echo cancellation on apprtc.appspot.com fails (see 974537); unresolved in v28, resolved in v29
  • Unresolved -- Text rendering issues on Windows 7 with Platform Update KB2670838 (MSIE 10 prerequisite) or on Windows 8.1; a workaround is available (see 812695)


To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu.

If you do not use the English language version, Fully Localized Versions are available for download.


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
