Although scheduled for April 19, Mozilla sent Firefox Version 46.0.0 to the release channel today. The update is a major release and includes one (1) critical, four (4) high and four (4) moderate security updates.
Firefox ESR
The next scheduled release is June 7, 2016.
Of interest to Thunderbird users, it appears that Mozilla is looking for a new home for the email client. See Thunderbird is GO: Mozilla prepares to jettison mail client for additional information.
Fixed in Firefox 46
- 2016-48 Firefox Health Reports could accept events from untrusted domains
- 2016-47 Write to invalid HashMap entry through JavaScript.watch()
- 2016-45 CSP not applied to pages sent with multipart/x-mixed-replace
- 2016-44 Buffer overflow in libstagefright with CENC offsets
- 2016-43 Disclosure of user actions through JavaScript with motion and orientation sensors
- 2016-42 Use-after-free and buffer overflow in Service Workers
- 2016-41 Content provider permission bypass allows malicious application to access data
- 2016-40 Privilege escalation through file deletion by Maintenance Service updater
- 2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)
New
- Improved security of the JavaScript Just In Time (JIT) Compiler
- GTK3 integration (GNU/Linux only)
Fixed
- Screen reader behavior with blank spaces in Google Docs corrected
- Correct rendering for scaled SVGs that use a clip and a mask/li>
Changed
- WebRTC fixes to improve performance and stability/li>
HTML5
- Added support for document.elementsFromPoint
- Added HKDF support for Web Crypto API
No comments:
Post a Comment
Neither spam nor comments containing vulgarities will be approved.