Tuesday, July 04, 2023

Mozilla Firefox Version 115.0 Released with Security Updates

 FirefoxMozilla sent Firefox Version 115.0 to the release channel.  The update includes four security updates of which four (4) are rated high, seven (7) moderate, and one (1) rated low.

Firefox ESR was updated to Version 102.13.

Note: This is the last major version of Firefox that will support Windows 7 and Windows 8 (Firefox Support Article) as well as Apple macOS 10.12, 10.13, and 10.14 (Firefox Support Article). Users on those operating systems will be migrated to the ESR 115 version of Firefox so that they continue to receive important updates. 

High

#CVE-2023-37201: Use-after-free in WebRTC certificate generation

#CVE-2023-37202: Potential use-after-free from compartment mismatch in SpiderMonkey

#CVE-2023-37211: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13

#CVE-2023-37212: Memory safety bugs fixed in Firefox 115


Moderate

#CVE-2023-37203: Drag and Drop API may provide access to local system files

#CVE-2023-37204: Fullscreen notification obscured via option element

#CVE-2023-37205: URL spoofing in address bar using RTL characters

#CVE-2023-37206: Insufficient validation of symlinks in the FileSystem API

#CVE-2023-37207: Fullscreen notification obscured

#CVE-2023-37208: Lack of warning when opening Diagcab files

#CVE-2023-37209: Use-after-free in `NotifyOnHistoryReload`


Low
#CVE-2023-37210: Full-screen mode exit prevention

New

  • Migrating from another browser? Now you can bring over payment methods you've saved in Chrome-based browsers to Firefox.

  • Hardware video decoding is now enabled for Intel GPUs on Linux.

  • The Tab Manager dropdown now features close buttons, so you can close tabs more quickly.

  • We've refreshed and streamlined the user interface for importing data in from other browsers.

  • Users without platform support for H264 video decoding can now fallback to Cisco's OpenH264 plugin for playback.

Fixed

  • Windows Magnifier now follows the text cursor correctly when the Firefox title bar is visible.

  • Windows users on low-end/USB wifi drivers and with OS geolocation disabled can now approve geolocation on a case by case basis without causing system-wide network instability.

Changed

  • Undo and redo are now available in Password fields.

  • On Linux, middle clicks on the new tab button will now open the xclipboard contents in the new tab. If the xclipboard content is a URL then that URL is opened, any other text is opened with your default search provider.

  • For users with a Firefox Colorways built-in theme, the theme will be automatically migrated to the same theme hosted on addons.mozilla.org for Firefox profiles that have disabled add-ons auto-updates. This will allow users to keep their Colorways theme when they are later removed from Firefox installer files.

  • Certain Firefox users may come across a message in the extensions panel indicating that their add-ons are not allowed on the site currently open. We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns.


Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

References



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Posted by
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)