Mozilla Firefox Version 104.0 Released with Security Updates

                Mozilla sent Firefox Version 104.0 to the release channel today.  The update includes six security updates of which four (4) are rated high and two (2) are rated low.

Firefox ESR was updated to Version 91.13.

High

• #CVE-2022-38472: Address bar spoofing via XSLT error handling
• #CVE-2022-38473: Cross-origin XSLT Documents would have inherited the parent's permissions
• #CVE-2022-38477: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2
• #CVE-2022-38478: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13

Low

• #CVE-2022-38474: Recording notification not shown when microphone was recording on Android
• #CVE-2022-38475: Attacker could write a value to a zero-length array

New

• Subtitles are now available for Disney+ in Picture-in-Picture.
• Firefox now supports both the scroll-snap-stop property as well as re-snapping. You can use the scroll-snap-stop property's always and normal values to specify whether or not to pass the snap points, even when scrolling fast. Re-snapping tries to keep the last snap position after any content/layout changes.
• The Firefox profiler can analyze power usage of a website (Apple M1 and Windows 11 only).
• The Firefox UI itself will now be throttled for performance and battery usage when minimized or occluded, in the same way background tabs are.

Fixed

• Highlight color is preserved correctly after typing Enter in the mail composer of Yahoo Mail and Outlook.
• After bypassing the https only error page navigating back would take you to the error page that was previously dismissed. Back now takes you to the previous site that was visited.
• Paste unformatted shortcut (shift+ctrl/cmd+v) now works in plain text contexts, such as input and text area.

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

References

• Security Updates
• Release Notes
• Rapid Release Calendar

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...