Mozilla sent Firefox Version 36.0.1 to the release channel. The update includes eight (9) security updates, of which four (4) are identified as high, four (4) moderate and one (1) low.
Fixed in Firefox 36.0.1
- 2015-27 Caja Compiler JavaScript sandbox bypass
- 2015-26 UI Tour whitelisted sites in background tab can spoof foreground tabs
- 2015-25 Local files or privileged URLs in pages can be opened into new tabs
- 2015-24 Reading of local files through manipulation of form autocomplete
- 2015-23 Us-after-free in Developer Console date with OpenType Sanitiser
- 2015-22 Crash using DrawTarget in Cairo graphics library
- 2015-21 Buffer underflow during MP3 playback
- 2015-20 Buffer overflow during CSS restyling
- 2015-19 Out-of-bounds read and write while rendering SVG content
What’s New
- Fixed 36.0.1 - Disable the usage of the ANY DNS query type (1093983)
- Fixed 36.0.1 - Fixed a startup crash with EMET (1137050)
- Fixed 36.0.1 - Hello may become inactive until restart (1137469)
- Fixed 36.0.1 - Print preferences may not be preserved (1136855)
- Fixed 36.0.1 - Hello contact tabs may not be visible (1137141)
- Fixed 36.0.1 - Accept hostnames that include an underscore character ("_") (1136616)
- Fixed 36.0.1 - WebGL may use significant memory with Canvas2d (1137251)
- Fixed 36.0.1 - Option -remote has been restored (1080319)
- Fixed 36.0.1 - Fix a top crash
Known Issues
- unresolved Style Editor: Extra white space appearing above the editor for a sourcemapped scss file (1128747)
- unresolved For users who removed the Share & Hello buttons, this new version brings them back unexpectedly (1136300)
- unresolved Firefox Hello does not work for link generators if there is no camera installed (1106941)
No comments:
Post a Comment