Tuesday, September 22, 2015

Mozilla Firefox Version 41.0 Released with Critical Security Updates

Mozilla sent Firefox Version 41.0 to the release channel.  The update includes four (4) critical, five (5) high, nine (9) moderate and one (1) minor security update.

Firefox ESR version has been updated to 38.3.0.

Fixed in Firefox 41.0

  • 2015-114 Information disclosure via the High Resolution Time API
  • 2015-113 Memory safety errors in libGLES in the ANGLE graphics library
  • 2015-112 Vulnerabilities found through code inspection
  • 2015-111 Errors in the handling of CORS preflight request headers
  • 2015-110 Dragging and dropping images exposes final URL after redirects
  • 2015-109 JavaScript immutable property enforcement can be bypassed
  • 201-108 Scripted proxies can access inner window
  • 2015-107 Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems
  • 2015-106 Use-after-free while manipulating HTML media content
  • 2015-105 Buffer overflow while decoding WebM video
  • 2015-104 Use-after-free with shared workers and IndexedDB
  • 2015-103 URL spoofing in reader mode
  • 2015-102 Crash when using debugger with SavedStacks in JavaScript
  • 2015-101 Buffer overflow in libvpx while parsing vp9 format video
  • 2015-100 Arbitrary file manipulation by local user through Mozilla updater
  • 2015-99 Site attribute spoofing on Android by pasting URL with unknown scheme
  • 2015-98 Out of bounds read in QCMS library with ICC V4 profile attributes
  • 2015-97 Memory leak in mozTCPSocket to servers
  • 2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)

What’s New

  • New Enhance IME support on Windows (Vista +) using TSF (Text Services Framework)
  • New Ability to set a profile picture for your Firefox Account
  • New Firefox Hello now includes instant messaging
  • New SVG images can be used as favicons
  • New Improved box-shadow rendering performance
  • Changed WebRTC now requires perfect forward secrecy
  • Changed WARP is disabled on Windows 7
  • Changed Updates to image decoding process
  • Changed Support for running animations of 'transform' and 'opacity' on the compositor thread
  • Fixed Picture element does not react to resize/viewport changes


To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: