Mozilla Firefox Version 82.0 Released With Security Updates

Mozilla sent Firefox Version 82.0 to the release channel today.  The update includes seven security updates of which four (4) are rated high, two (2) moderate and one (1) rated low.

Firefox ESR was updated to Version 78.4.

High

• #CVE-2020-15969: Use-after-free in usersctp
• #CVE-2020-15254: Undefined behavior in bounded channel of crossbeam rust crate
• #CVE-2020-15683: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
• #CVE-2020-15684: Memory safety bugs fixed in Firefox 82

 Moderate

• #CVE-2020-15680: Presence of external protocol handlers could be determined through image tags
• #CVE-2020-15681: Multiple WASM threads may have overwritten each others' stub table entries

 Low

• #CVE-2020-15682: The domain associated with the prompt to open an external protocol could be spoofed to display the incorrect origin

 New

• With this release, Firefox introduces a number of improvements that make watching videos more delightful:

  • the Picture-In-Picture button has a new look and position, making it easier for you to find and use the feature.
  • Picture-In-Picture now has a keyboard shortcut for Mac users (Option + Command + Shift + Right bracket) that works before you start playing the video.
  • For Windows users, Firefox now uses DirectComposition for hardware decoded video, which will improve CPU and GPU usage during video playback, improving battery life.

• Firefox is faster than ever with improved performance on both page loads and start up time:

  • Websites that use flexbox-based layouts load 20% faster than before;
  • Restoring a session is 17% quicker, meaning you can more quickly pick up where you left off;
  • For Windows users, opening new windows got quicker by 10%.
• You can now explore new articles when you save a webpage to Pocket from the Firefox toolbar.
• WebRender continues to roll out to more Firefox users on Windows.

Fixed

• Screen reader features which report paragraphs now correctly report paragraphs in Firefox instead of lines.

Changed

• Credit card auto-fill is now more accessible with the card type, and the card number in the card editor now available to screen readers.
• Printing dialog errors for invalid form entries are now reported to screen readers.

References

• Common questions after updating Firefox
• Security Updates
  
• Release Notes
• Rapid Release Calendar

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...