Mozilla Firefox Version 116.0 Released with Security Update ~ Security Garden

Tuesday, August 01, 2023

Mozilla Firefox Version 116.0 Released with Security Update

Mozilla sent Firefox Version 116.0 to the release channel. The update includes four security updates of which nine (9) are rated high, three (3) moderate, and one (1) rated low.

Firefox ESR was updated to Versions 102.14 and 115.1.

High

#MFSA-RESERVE-2023-0001: Offscreen Canvas could have bypassed cross-origin restrictions

#MFSA-RESERVE-2023-0002: Incorrect value used during WASM compilation

#MFSA-RESERVE-2023-0003: Potential permissions request bypass via clickjacking

#MFSA-RESERVE-2023-0004: Crash in DOMParser due to out-of-memory conditions

#MFSA-RESERVE-2023-0005: Fix potential race conditions when releasing platform objects

#MFSA-RESERVE-2023-0006: Stack buffer overflow in StorageManager

#MFSA-RESERVE-2023-0012: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14

#MFSA-RESERVE-2023-0013: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1

#MFSA-RESERVE-2023-0014: Memory safety bugs fixed in Firefox 116

Moderate

#MFSA-RESERVE-2023-0007: Full screen notification obscured by file open dialog

#MFSA-RESERVE-2023-0008: File deletion and privilege escalation through Firefox uninstaller

#MFSA-RESERVE-2023-0009: Full screen notification obscured by external program

Low

#MFSA-RESERVE-2023-0011: Cookie jar overflow caused unexpected cookie jar state

New

Sidebar switcher allows users to access Bookmarks, History and Synced Tabs panels easily, quickly switch between them, move the sidebar to another side of the browser window, or close the sidebar. Now, keyboard users would be able to do it all with ease too, with or without any assistive technology running, without needing to memorize keyboard shortcuts to access these panels.
When an update is available in English locales, users will now have access to the release notes in the update notification prompt in the form of a "Learn More" link.
It is now possible to copy any file from your operating system and paste it into Firefox.
You asked, and we listened! The volume slider is now available in Picture-in-Picture.
We added the possibility to edit existing text annotations.

Fixed

The upload performance of HTTP/2 has been significantly improved starting with Firefox 115.0, particularly on those with a higher bandwidth delay product (i.e., networks characterized by both high bandwidth and high latency).

Changed

The keyboard shortcut to reopen closed tabs (command + shift + t) now reopens last closed tab or last closed window, in the order items were closed. If there aren't any tabs or windows to reopen, this command restores the previous session. This change is in anticipation of upcoming changes to recently closed tabs.

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

References

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Welcome to the Security Garden, where everything is coming up roses.

The best way to protect your garden is to fence it in. The same applies to your computer.
Get computer security news and information, help, tips and more at the Security Garden.

Articles

My Garden Roots

Perennial Favorites

Article Categories

Tuesday, August 01, 2023