Tuesday, July 22, 2014

Mozilla Firefox Version 31.0 Released


Mozilla sent Firefox Version 31.0 to the release channel. At this time, no security updates are listed as being included in the release.

Update:  Although not included in the Release Notes, the Security Fixes page now shows that the update includes three (3) Critical, four (4) High, two (2) Moderate and one (1) Low security updates.

Fixed in Firefox 31

  • MFSA 2014-66 -- IFRAME sandbox same-origin access through redirect
  • MFSA 2014-65 -- Certificate parsing broken by non-standard character encoding
  • MFSA 2014-64 -- Crash in Skia library when scaling high quality images
  • MFSA 2014-63 -- Use-after-free while when manipulating certificates in the trusted cache
  • MFSA 2014-62 -- Exploitable WebGL crash with Cesium JavaScript library
  • MFSA 2014-61 -- Use-after-free with FireOnStateChange event
  • MFSA 2014-60 -- Toolbar dialog customization event spoofing
  • MFSA 2014-59 -- Use-after-free in DirectWrite font handling
  • MFSA 2014-58 -- Use-after-free in Web Audio due to incorrect control message ordering
  • MFSA 2014-57 -- Buffer overflow during Web Audio buffering for playback
  • MFSA 2014-56 -- Miscellaneous memory safety hazards (rv:31.0 / rv:24.7)
Highlights of the new version include a search field added to the New Tab Page and preferences to modify the browser.tabs.closeButtons was removed.  If you have modified close tabs, this update changes it to default (one close button for each tab).  To restore the setting, an add-on such as Classic Theme Restorer is suggested.

The issue introduced with version 29.1 that many users have experienced with slow shut downs resulting in the "Firefox is already running" warning continues unresolved.  In the meantime, Firefox users having this issue may want to refer to the KB article, "Firefox is already running but is not responding" error message - How to fix it.

What’s New

  • New -- Add the search field to the new tab pag  
  • New -- mozilla::pkix as default certificate verifier (learn more)
  • New -- Block malware from downloaded files (learn more)
  • New -- Partial implementation of the OpenType MATH table (section 6.3.6) see documentation about mathematical fonts and the MathML Torture Test for details
  • New -- Support of Prefer:Safe http header for parental control.
  • New -- audio/video .ogg and .pdf files handled by Firefox if no application specified (Windows only)
  • Changed -- Removal of the CAPS infrastructure for specifying site-specific permissions (via capability.policy.* preferences). Most notably, attempts to use this functionality to grant access to the clipboard will no longer work. The sole exception is the checkloaduri permission, which may still be used as before to allow sites to load file:// URIs.
  • HTML5 -- WebVTT implemented and enabled (learn more)
  • HTML5 -- CSS3 variables implemented (learn more)
  • Developer -- Numerous Developer Tools and other changes.  See Release Notes for details.
  • Fixed -- Search for partially selected link text from context menu (985824)

Known Issues

  • unresolved -- Slow shut downs lead to 'Firefox is already running' warning (see 966469 and 985655)
  • unresolved -- PDF.js: With some fonts, some characters might not be displayed. Affects a very small number of PDF (1028735)
  • unresolved -- Mac OS X and Windows: Citrix Receiver no longer works. As a workaround, mark the plugin as Always Enable in the addon manager (1025627)
  • unresolved -- GNU/Linux and Windows XP: Google Maps Street View displays a black screen (1034593)
  • unresolved -- Mac OS X: cmd-L no longer opens a new window when no window is available (1008793)


To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu.

If you do not use the English language version, Fully Localized Versions are available for download.


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: