Mozilla sent Firefox Version 118.0 to the release channel. The update includes fourteen security updates of which six (6) are rated high, two (2) moderate, and one (1) rated low.
Firefox ESR was updated to Versions 103.0 and 115.3.
High
#CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1
#CVE-2023-5169: Out-of-bounds write in PathOps
#CVE-2023-5170: Memory leak from a privileged process
#CVE-2023-5171: Use-after-free in Ion Compiler
#CVE-2023-5172: Memory Corruption in Ion Hints
#CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3
Moderate
#CVE-2023-5173: Out-of-bounds write in HTTP Alternate Services
#CVE-2023-5174: Double-free in process spawning on Windows
Low
#CVE-2023-5175: Use-after-free of ImageBitmap during process shutdown
New
Automated translation of web content is now available to Firefox users! Unlike cloud-based alternatives, translation is done locally in Firefox, so that the text being translated does not leave your machine.
Web Audio in Firefox now uses the FDLIBM math library on all systems to improve anonymity with Fingerprint Protection.
The visibility of fonts to websites has been restricted to system fonts and language pack fonts to mitigate font fingerprinting in Private Browsing windows.
Video Effects and background blur are now available to Firefox users on Google Meet! (Note: These effects have also been released retroactively to support Firefox versions back to Firefox 115.)
Firefox Suggest users (US-only at this time) will now be able to see browser add-on suggestions right in the address bar based on their keywords.
Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.
References
No comments:
Post a Comment