Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 34

Thread: Firefox updated...

  1. #11
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,045

    Exclamation Firefox v17.0.1 released

    FYI...

    Firefox v17.0.1 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    Nov 30, 2012

    What's new...
    - https://www.mozilla.org/en-US/firefo.../releasenotes/

    Complete list of Bug fixes:
    - https://www.mozilla.org/en-US/firefo...s/buglist.html

    Security Advisories for v17.0.1:
    - https://www.mozilla.org/security/kno...#firefox17.0.1
    Not available as date/time of this post

    Last edited by AplusWebMaster; 2012-12-02 at 03:12.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #12
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,045

    Exclamation Firefox v18.0 released

    FYI...

    Firefox v18.0 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    Jan 8, 2013

    What's new...
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    Complete list of Bug fixes:
    - https://www.mozilla.org/en-US/firefo...s/buglist.html

    Security Advisories for v18.0:
    - https://www.mozilla.org/security/kno...html#firefox18
    Fixed in Firefox 18
    MFSA 2013-20 Mis-issued TURKTRUST certificates
    MFSA 2013-19 Use-after-free in Javascript Proxy objects
    MFSA 2013-18 Use-after-free in Vibrate
    MFSA 2013-17 Use-after-free in ListenerManager
    MFSA 2013-16 Use-after-free in serializeToStream
    MFSA 2013-15 Privilege escalation through plugin objects
    MFSA 2013-14 Chrome Object Wrapper (COW) bypass through changing prototype
    MFSA 2013-13 Memory corruption in XBL with XML bindings containing SVG
    MFSA 2013-12 Buffer overflow in Javascript string concatenation
    MFSA 2013-11 Address space layout leaked in XBL objects
    MFSA 2013-10 Event manipulation in plugin handler to bypass same-origin policy
    MFSA 2013-09 Compartment mismatch with quickstubs returned values
    MFSA 2013-08 AutoWrapperChanger fails to keep objects alive during garbage collection
    MFSA 2013-07 Crash due to handling of SSL on threads
    MFSA 2013-06 Touch events are shared across iframes
    MFSA 2013-05 Use-after-free when displaying table with many columns and column groups
    MFSA 2013-04 URL spoofing in addressbar during page loads
    MFSA 2013-03 Buffer Overflow in Canvas
    MFSA 2013-02 Use-after-free and buffer overflow issues found using Address Sanitizer
    MFSA 2013-01 Miscellaneous memory safety hazards (rv:18.0/ rv:10.0.12 / rv:17.0.2)
    MFSA 2012-98 Firefox installer DLL hijacking
    ___

    - http://www.securitytracker.com/id/1027955
    CVE Reference: CVE-2013-0743, CVE-2013-0744, CVE-2013-0745, CVE-2013-0746, CVE-2013-0747, CVE-2013-0748, CVE-2013-0749, CVE-2013-0750, CVE-2013-0751, CVE-2013-0752, CVE-2013-0753, CVE-2013-0754, CVE-2013-0755, CVE-2013-0756, CVE-2013-0757, CVE-2013-0758, CVE-2013-0759, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0764, CVE-2013-0766, CVE-2013-0767, CVE-2013-0768, CVE-2013-0769, CVE-2013-0770, CVE-2013-0771
    Jan 9 2013
    Impact: Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 18.0
    Solution: The vendor has issued a fix (ESR 10.0.12, ESR 17.0.2, 18.0)...

    - http://h-online.com/-1780088
    9 Jan 2013 - "Mozilla has fixed 20 security holes with the release... 12 of these vulnerabilities have been rated critical by the organisation, the rest are classified as having high impact..."

    Last edited by AplusWebMaster; 2013-01-09 at 15:10.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #13
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,045

    Exclamation Firefox v18.0.1 released ...

    FYI...

    Firefox v18.0.1 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html

    What's new...
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    Jan 18, 2013
    18.0.1: Problems involving HTTP Proxy Transactions (Associated bugs)
    18.0.1: Unity player crashes on Mac OS X (bug 828954)
    18.0.1: Disabled HIDPI support on external monitors to avoid rendering glitches (bug 814434)
    FIXED
    ___

    - http://h-online.com/-1787497
    19 Jan 2013

    Last edited by AplusWebMaster; 2013-01-26 at 15:38.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #14
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,045

    Post Firefox v18.0.2 released

    FYI...

    Firefox v18.0.2 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html

    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    Feb 5, 2013 - 18.0.2: Fix JavaScript related stability issues
    ___

    - https://wiki.mozilla.org/Releases#Upcoming_Releases
    Firefox 19 - Week of 2013-02-18

    Last edited by AplusWebMaster; 2013-02-06 at 08:45.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #15
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,045

    Exclamation Firefox v19.0 released

    FYI...

    Firefox v19.0 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    Feb 19, 2013

    What's new...
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    ... NEW: Built-in PDF viewer*...
    CHANGED, DEVELOPER, HTML5, FIXED, Known Issues...

    Complete list of Bug fixes:
    - https://www.mozilla.org/en-US/firefo...s/buglist.html

    Security Advisories for v19.0:
    - https://www.mozilla.org/security/kno...html#firefox19
    MFSA 2013-28 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer
    MFSA 2013-27 Phishing on HTTPS connection through malicious proxy
    MFSA 2013-26 Use-after-free in nsImageLoadingContent
    MFSA 2013-25 Privacy leak in JavaScript Workers
    MFSA 2013-24 Web content bypass of COW and SOW security wrappers
    MFSA 2013-23 Wrapped WebIDL objects can be wrapped again
    MFSA 2013-22 Out-of-bounds read in image rendering
    MFSA 2013-21 Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)
    ___

    - http://www.securitytracker.com/id/1028162
    CVE Reference: CVE-2013-0765, CVE-2013-0772, CVE-2013-0773, CVE-2013-0774, CVE-2013-0775, CVE-2013-0776, CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782, CVE-2013-0783, CVE-2013-0784
    Feb 20 2013
    Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 19.0...

    - http://h-online.com/-1806437
    19 Feb 2013
    ___

    * How to disable pdf viewer?
    Type about:config in the address bar and press Enter.
    Press the big button to bypass the warning.
    In the Filter bar, paste pdfjs.disabled
    In the search results, double-click pdfjs.disabled to set its value to -true-
    Restart Firefox for the changes to take effect.

    - https://github.com/mozilla/pdf.js/wi...ning-Resources

    Last edited by AplusWebMaster; 2013-02-21 at 14:11.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #16
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,045

    Exclamation Firefox v19.0.2 released

    FYI...

    Firefox v19.0.2 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    Mar 7, 2013

    Security Advisories for v19.0.2:
    - https://www.mozilla.org/security/kno...#firefox19.0.2
    Fixed in Firefox 19.0.2
    MFSA 2013-29 Use-after-free in HTML Editor CVE-2013-0787

    - https://www.mozilla.org/en-US/firefo.../releasenotes/

    - https://secunia.com/advisories/52538/
    Release Date: 2013-03-08
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    Solution: Update to a fixed version.
    Original Advisory: MFSA 2013-29:
    - http://www.mozilla.org/security/anno...sa2013-29.html

    Last edited by AplusWebMaster; 2013-03-08 at 13:50.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #17
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,045

    Exclamation Firefox v20.0 released

    FYI...

    Firefox v20.0 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    April 2, 2013

    Security Advisories for v20.0:
    - https://www.mozilla.org/security/kno...html#firefox20
    Fixed in Firefox 20
    MFSA 2013-40 Out-of-bounds array read in CERT_DecodeCertPackage
    MFSA 2013-39 Memory corruption while rendering grayscale PNG images
    MFSA 2013-38 Cross-site scripting (XSS) using timed history navigations
    MFSA 2013-37 Bypass of tab-modal dialog origin disclosure
    MFSA 2013-36 Bypass of SOW protections allows cloning of protected nodes
    MFSA 2013-35 WebGL crash with Mesa graphics driver on Linux
    MFSA 2013-34 Privilege escalation through Mozilla Updater
    MFSA 2013-33 World read and write access to app_tmp directory on Android
    MFSA 2013-32 Privilege escalation through Mozilla Maintenance Service
    MFSA 2013-31 Out-of-bounds write in Cairo library
    MFSA 2013-30 Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)

    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    FIXED 20.0: Security fixes ...
    NEW Per-window Private Browsing...
    NEW New download experience...
    NEW Ability to close hanging plugins, without the browser hanging
    ___

    - http://h-online.com/-1833854
    2 April 2013

    - http://www.theinquirer.net/inquirer/...ivate-browsing
    Apr 03 2013

    - http://www.securitytracker.com/id/1028379
    CVE Reference: CVE-2013-0788, CVE-2013-0789, CVE-2013-0790, CVE-2013-0791, CVE-2013-0792, CVE-2013-0793, CVE-2013-0794, CVE-2013-0795, CVE-2013-0796, CVE-2013-0797, CVE-2013-0798, CVE-2013-0799, CVE-2013-0800
    Apr 3 2013
    Impact: Denial of service via network, Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via local system, Execution of arbitrary code via network, Modification of user information, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 20.0 ...

    Last edited by AplusWebMaster; 2013-04-03 at 16:32.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #18
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,045

    Exclamation Firefox v20.0.1 released

    FYI...

    Firefox v20.0.1 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    April 11, 2013

    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    FIXED: 20.0.1 - Windows-only update to handle issues around handling UNC paths...

    - https://en.wikipedia.org/wiki/Path_%...ing_Convention

    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #19
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,045

    Exclamation Firefox v21.0 released

    FYI...

    Firefox v21.0 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    May 14, 2013

    Security Advisories for v21.0:
    * https://www.mozilla.org/security/kno...html#firefox21
    Fixed in Firefox 21
    MFSA 2013-48 Memory corruption found using Address Sanitizer
    MFSA 2013-47 Uninitialized functions in DOMSVGZoomEvent
    MFSA 2013-46 Use-after-free with video and onresize event
    MFSA 2013-45 Mozilla Updater fails to update some Windows Registry entries
    MFSA 2013-44 Local privilege escalation through Mozilla Maintenance Service
    MFSA 2013-43 File input control has access to full path
    MFSA 2013-42 Privileged access for content level constructor
    MFSA 2013-41 Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)

    Release notes
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    NEW The Social API now supports multiple providers
    NEW Enhanced three-state UI for Do Not Track (DNT)
    NEW Firefox will suggest how to improve your application startup time if needed
    NEW Preliminary implementation of Firefox Health Report
    CHANGED Ability to restore removed thumbnails on New Tab Page
    CHANGED CSS -moz-user-select:none selection changed to improve compatibility with -webkit-user-select:none (bug 816298)
    CHANGED Graphics related performance improvements (bug 809821)
    CHANGED Removed E4X support from Spidermonkey
    DEVELOPER Implemented Remote Profiling
    DEVELOPER Integrated add-on SDK loader and API libraries into Firefox
    HTML5 Added support for <main> element
    HTML5 Implemented scoped stylesheets
    FIXED Some function keys may not work when pressed (833719)
    FIXED Browsing and Download history clearing needs unification to avoid confusion on clearing download history (847627)
    FIXED 21.0: Security fixes can be found here* ...

    - https://secunia.com/advisories/53400/
    Release Date: 2013-05-15
    Criticality level: Highly critical
    Impact: Security Bypass, System access
    Where: From remote ...
    Solution: Update to version 21.0.

    - http://www.securitytracker.com/id/1028555
    CVE Reference: CVE-2013-0801, CVE-2013-1669, CVE-2013-1670, CVE-2013-1671, CVE-2013-1672, CVE-2013-1673, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681
    May 14 2013
    Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 17.0.6 and 21.0...

    Last edited by AplusWebMaster; 2013-05-15 at 11:50.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #20
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,045

    Exclamation Firefox v22.0 released

    FYI...

    Firefox v22.0 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html
    June 25, 2013

    Security Advisories for v22.0:
    * https://www.mozilla.org/security/kno...html#firefox22
    Fixed in Firefox 22
    MFSA 2013-62 Inaccessible updater can lead to local privilege escalation
    MFSA 2013-61 Homograph domain spoofing in .com, .net and .name
    MFSA 2013-60 getUserMedia permission dialog incorrectly displays location
    MFSA 2013-59 XrayWrappers can be bypassed to run user defined methods in a privileged context
    MFSA 2013-58 X-Frame-Options ignored when using server push with multi-part responses
    MFSA 2013-57 Sandbox restrictions not applied to nested frame elements
    MFSA 2013-56 PreserveWrapper has inconsistent behavior
    MFSA 2013-55 SVG filters can lead to information disclosure
    MFSA 2013-54 Data in the body of XHR HEAD requests leads to CSRF attacks
    MFSA 2013-53 Execution of unmapped memory through onreadystatechange event
    MFSA 2013-52 Arbitrary code execution within Profiler
    MFSA 2013-51 Privileged content access and execution via XBL
    MFSA 2013-50 Memory corruption found using Address Sanitizer
    MFSA 2013-49 Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)

    Release notes
    - https://www.mozilla.org/en-US/firefo.../releasenotes/

    ... complete list of changes in this release... 510 bugs found.
    ___

    - https://secunia.com/advisories/53970/
    Release Date: 2013-06-26
    Criticality level: Highly Critical
    Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
    ... vulnerabilities are reported in versions prior to 22.0.
    Solution: Upgrade to version 22.0.

    - http://www.securitytracker.com/id/1028702
    CVE Reference: CVE-2013-1682, CVE-2013-1683, CVE-2013-1684, CVE-2013-1685, CVE-2013-1686, CVE-2013-1687, CVE-2013-1688, CVE-2013-1690, CVE-2013-1692, CVE-2013-1693, CVE-2013-1694, CVE-2013-1695, CVE-2013-1696, CVE-2013-1697, CVE-2013-1698, CVE-2013-1699, CVE-2013-1700
    Jun 26 2013
    Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to ESR 17.0.7; prior to 22.0 ...

    Last edited by AplusWebMaster; 2013-06-26 at 17:01.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •