Mozilla sent Firefox Version 103.0 to the release channel today. The update includes eight security updates of which two (2) are rated high, four (4) moderate and two (2) are rated low.
Firefox ESR was updated to Version 91.12.
High
- #CVE-2022-36320: Memory safety bugs fixed in Firefox 103
- #CVE-2022-2505: Memory safety bugs fixed in Firefox 103 and 102.1
Moderate
- #CVE-2022-36319: Mouse Position spoofing with CSS transforms
- #CVE-2022-36317: Long URL would hang Firefox for Android
- #CVE-2022-36318: Directory indexes for bundled resources reflected URL parameters
- #CVE-2022-36314: Opening local <code>.lnk</code> files could cause unexpected network loads
Low
- #CVE-2022-36315: Preload Cache Bypasses Subresource Integrity
- #CVE-2022-36316: Performance API leaked whether a cross-site resource is redirecting
New
- Improved responsiveness on macOS during periods of high CPU load by switching to a modern lock API.
- Do you always forget something? Required fields are now highlighted in PDF forms.
- Improved performance on high-refresh rate monitors (120Hz+).
- Enjoying Picture-in-Picture subtitles feature? It just got better: you can now change subtitles font size directly from the PiP window. Additionally, PiP subtitles are now available at Funimation, Dailymotion, Tubi, Hotstar, and SonyLIV.
- Buttons in the Tabs toolbar can now be reached with Tab, Shift+Tab, and Arrow keys.
- Windows' "Make text bigger" accessibility setting now affects all the UI and content pages, rather than only applying to system font sizes.
- Rejoice! You can now conveniently access Firefox, which will now be pinned to the Windows taskbar during installation on Windows 10 and 11. (This will also allow for Firefox to be launched quicker after installing.)
Fixed
- Non-breaking spaces are now preserved—preventing automatic line breaks—when copying text from a form control.
- Fixed WebGL performance issues on NVIDIA binary drivers via DMA-Buf on Linux.
- Fixed an issue in which Firefox startup could be significantly slowed down by the processing of Web content local storage. This had the greatest impact on users with platter hard drives and significant local storage.
Changed
- Removed a configuration option to allow SHA-1 signatures in certificates: SHA-1 signatures in certificates—long since determined to no longer be secure enough—are now not supported.
Web Platform
- Your information now has increased protection from online tracking via Total Cookie Protection enabled by default. All third-party cookies are now isolated into partitioned storage.
Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.
References
No comments:
Post a Comment
Neither spam nor comments containing vulgarities will be approved.