Firefox updated...

[AplusWebMaster]

Firefox 57.0.2, ESR 52.5.2 released

FYI...

Firefox 57.0.2 released

Start Firefox, then >Help >About >Apply Update ...
-or-
Download: https://www.mozilla.org/en-US/firefox/all/

Release notes:
- https://www.mozilla.org/en-US/firef..._medium=firefox-browser&utm_campaign=whatsnew
Dec 07, 2017
Fixed:
- Block old versions of G Data Endpoint Security for crashing Firefox on start up - Windows only (bug 1421991)
- Fix a regression with WebGL and D3D9 - Windows only

Firefox 57.0.2: https://www.mozilla.org/en-US/security/advisories/mfsa2017-29/
___

Firefox ESR 52.5.2 released

Start Firefox, then >Help >About >Apply Update ...
-or-
Download: https://www.mozilla.org/en-US/firefox/organizations/all/

Release notes: https://www.mozilla.org/en-US/firefox/52.5.2/releasenotes/
Dec 07, 2017
- Various security fixes: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr52.5.2

ESR 52.5.2: https://www.mozilla.org/en-US/security/advisories/mfsa2017-28/
___

> https://www.us-cert.gov/ncas/current-activity/2017/12/07/Mozilla-Releases-Security-Updates
Dec 07, 2017

:fear::fear:

 

[AplusWebMaster]

Firefox 57.0.3 released

FYI...

Firefox 57.0.3 released

Start Firefox, then >Help >About >Apply Update ...
-or-
Download: https://www.mozilla.org/en-US/firefox/all/

> https://www.mozilla.org/en-US/firefox/57.0.3/releasenotes/
Dec 28, 2017
Fixed: Fix a crash reporting issue that inadvertently sends background tab crash reports to Mozilla without user opt-in (bug 1427111)

:fear:

 

[AplusWebMaster]

Firefox 57.0.4 released

FYI...

Firefox 57.0.4 released

Start Firefox, then >Help >About >Apply Update ...
-or-
Download: https://www.mozilla.org/en-US/firefox/all/

> https://www.mozilla.org/en-US/firefox/57.0.4/releasenotes/
Jan 4, 2018
Fixed: Security fixes* to address the Meltdown and Spectre** timing attacks.
* https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox57.0.4
...
> https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/

** https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
___

> https://www.us-cert.gov/ncas/current-activity/2018/01/04/Mozilla-Releases-Security-Update
Jan 04, 2018

> https://www.us-cert.gov/ncas/alerts/TA18-004A
Jan 04, 2018

:fear::fear:

 

[AplusWebMaster]

Firefox 58.0, Firefox ESR 52.6 released

FYI...

Firefox 58.0 released

Start Firefox, then >Help >About >Apply Update ...
-or-
Download: https://www.mozilla.org/en-US/firefox/all/

> https://www.mozilla.org/en-US/firefox/58.0/releasenotes/
Jan 23, 2018
New: Performance improvements, including:
Rendering graphics for Windows users by using Off-Main-Thread Painting (OMTP)
Loading pages faster by changing how Firefox caches and retrieves JavaScript
Improvements to Firefox Screenshots:
Copy and paste screenshots directly to your clipboard
Firefox Screenshots now works in Private Browsing mode
Added Nepali (ne-NP) locale
In case you missed it—57 Release privacy and performance feature:
Users can enable Tracking Protection at all times. Learn how to turn Tracking Protection on.
Fixed:
Fonts installed in non-standard directories will no longer appear blank for Linux users
Various security fixes*
Changed:
User profiles created in Firefox 58 (and in future releases) are not supported in previous versions of Firefox. Users who downgrade to a previous version should create a new profile for that version. Learn about alternatives to downgrading on our support site.
Added a warning to alert users and site owners of planned security changes to sites affected by the gradual distrust plan for the Symantec certificate authority

* https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox58
...
- https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/
CVE-2018-5091: Use-after-free with DTMF timers
Critical
CVE-2018-5090: Memory safety bugs fixed in Firefox 58
Critical
CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
Critical
___

Firefox ESR 52.6 released

Start Firefox, then >Help >About >Apply Update ...
-or-
Download: https://www.mozilla.org/en-US/firefox/organizations/all/

Release notes: https://www.mozilla.org/en-US/firefox/52.6.0/releasenotes/
Jan 23, 2018
Various stability and regression fixes
Various security fixes*
* https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr52.6
...
- https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/
CVE-2018-5091: Use-after-free with DTMF timers
Critical
CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
Critical
___

- https://www.us-cert.gov/ncas/current-activity/2018/01/23/Mozilla-Releases-Security-Updates
Jan 23, 2018

:fear::fear:

 

[AplusWebMaster]

Firefox 58.0.1 released

FYI...

Firefox 58.0.1 released

Start Firefox, then >Help >About >Apply Update ...
-or-
Download: https://www.mozilla.org/en-US/firefox/all/

> https://www.mozilla.org/en-US/firefox/58.0.1/releasenotes/
Jan 29, 2018
Fixed:
Security fix: When using certain non-default security policies on Windows (for example with Windows Defender Exploit

Protection or Webroot security products), Firefox 58.0 would fail to load pages (bug 1433065).

- https://www.mozilla.org/en-US/security/advisories/mfsa2018-05/
Jan 29, 2018
Critical
Fixed in: Firefox 58.0.1
This issue did not affect Firefox for Android or Firefox 52 ESR.
References: Sanitize HTML fragments created for chrome-privileged documents (CVE-2018-5124)
___

- https://www.us-cert.gov/ncas/current-activity/2018/01/30/Mozilla-Releases-Security-Update-Firefox
Jan 30, 2018
___

- https://www.securitytracker.com/id/1040308
CVE Reference: CVE-2018-5124
Jan 30 2018
Fix Available: Yes Vendor Confirmed: Yes
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (58.0.1).

:fear: