Jump to content

The Firefox/Mozilla Thread


nodles

Recommended Posts

ff v78.10.1 esr

04. may 2021

Fixed

  • Resolved an issue caused by a recent Widevine plugin update which prevented some purchased video content from playing correctly (bug 1705138)

  • Security fix

Quote

Security Vulnerabilities fixed in Firefox ESR 78.10.1

Announced May 4, 2021
Impact moderate
Products Firefox ESR
Fixed in
  • Firefox ESR 78.10.1

#CVE-2021-29951: Mozilla Maintenance Service could have been started or stopped by domain users

Reporter James Forshaw
Impact moderate
Description

The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service.
Note: This issue only affected Windows operating systems older than Win 10 build 1709. Other operating systems are unaffected.

References

 

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • 3 weeks later...

ff v88.0.1

5. may 2021

Fixed

  • Resolved an issue caused by a recent Widevine plugin update which prevented some purchased video content from playing correctly (bug 1705138)

  • Fixed corruption of videos playing on Twitter or WebRTC calls on some Gen6 Intel graphics chipsets (bug 1708937)

  • Fixed menulists in Preferences being unreadable for users with High Contrast Mode enabled (bug 1706496)

  • Various stability and security fixes.

 

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • 2 weeks later...

ff v89.0

1. june 21

New

  • Say hello to a fresh new Firefox, designed to get you where you want to go even faster. We’ve redesigned and modernized the core experience to be cleaner, more inviting, and easier to use.

    Beginning in 89, you’ll notice a number of changes, including:

    Simplified browser chrome and toolbar: Less frequently used items removed to focus on the most important navigation items.

    Simplified browser chrome and toolbar screenshot

    Clear, streamlined menus: Re-organized and prioritized menu content according to usage. Updated labels and removed iconography.

    Clear, streamlined menus screenshot

    Updated prompts: Infobars, panels, and modals have a cleaner design and clearer language.

    Updated prompts screenshot

    Inspired tab design: Floating tabs neatly contain information and surface cues when you need them, like visual indicators for audio controls. The rounded design of the active tab supports focus and signals the ability to easily move the tab as needed.

    Inspired tab design screenshot

    Fewer interruptions: Reduced number of alerts and messages, so you can browse with fewer distractions.

    Cohesive, calmer visuals: Lighter iconography, a refined color palette, and more consistent styling throughout.

    This release also includes enhancements to our privacy offerings:

  • For macOS users, we're introducing the elastic overscroll effect known from many other applications. A gentle bouncing animation will indicate that you reached the end of the page.

    In addition, we added support for smart zoom. Double-tap with two fingers on your trackpad, or with a single finger on your Magic Mouse, to zoom the content below your cursor into focus.

  • Native context menus: Context menus on macOS are now native and support Dark Mode.

    macOS native context menus screenshot

Fixed

  • Colors in Firefox on macOS will no longer be saturated on wide gamut displays, untagged images are properly treated as sRGB, and colors in images tagged as sRGB will now match CSS colors.

  • In full screen mode on macOS, moving your mouse to the top of the screen will no longer hide your tabs behind the system menu bar.

  • Also in full screen mode on macOS, it is now possible to hide the browser toolbars for a fully immersive full screen experience. This brings macOS in line with Windows and Linux.

  • Various stability and security fixes.

Changed

  • Introducing a non-native implementation of web form controls, which delivers a new modern design and some improvements to page load performance. Watch for layout bugs in web pages that make assumptions about the dimensions or styling of form controls.

  • The screenshots feature is available in the right-click context menu. You can also add a screenshots shortcut to your toolbar. Learn more.

Enterprise

Developer

Developer Information

  • Better keyboard navigation for editable BoxModel properties in the Inspector panel

Web Platform

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v78.11.0 esr

1. june 21

Fixed

Quote

Security Vulnerabilities fixed in Firefox ESR 78.11

Announced June 1, 2021
Impact moderate
Products Firefox ESR
Fixed in
  • Firefox ESR 78.11

#CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message

Reporter Ronald Crane
Impact moderate
Description

A locally-installed hostile program could send WM_COPYDATA messages that Firefox would processing incorrectly, leading to an out-of-bounds read.
This bug only affects Firefox on Windows. Other operating systems are unaffected.

References

#CVE-2021-29967: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11

Reporter Mozilla developers and community
Impact high
Description

Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory safety bugs present in Firefox 88 and Firefox ESR 78.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

 

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • 3 weeks later...

ff v89.0.1

17. june 2021

Fixed

  • Windows: Resolved an issue causing some screen readers to not interact correctly with Firefox anymore (bug 1714212)

  • Updated translations, including full Spanish (Mexico) localization and other improvements (bug 1714946)

  • Fix various font related regressions (bug 1694174)

  • Linux: Fix performance and stability regressions with WebRender (bug 1715895, bug 1715902)

  • macOS: Fix screen flickering when scrolling a page on an external monitor (bug 1715452)

  • Enterprise: Fix for the DisableDeveloperTools policy not having effect anymore (bug 1715777)

  • Linux: Fix broken scrollbars on some GTK themes (bug 1714103)

  • Various stability and security fixes.

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v89.0.2

23. june 2021

Fixed

  • Fix occasional hangs with Software WebRender on Linux (bug 1708224)

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • 3 weeks later...

ff v90.0

13. july 2021

New

Fixed

Changed

  • The "Open Image in New Tab" context menu item now opens images and media in a background tab by default. Learn more

  • Most users without hardware accelerated WebRender will now be using software WebRender.

  • Improved software WebRender performance

  • FTP support has been removed

Enterprise

Developer

Developer Information

  • Support for Private Fields (TC39 proposal, stage 3) is available in DevTools. The support includes: object inspection, autocompletion, expression evaluation, variable tooltips, and pretty printing (bug)

  • The Network panel shows a preview of HTTP requests for fonts in the Response tab (bug)

    Network panel font preview screenshot

Web Platform

  • Support for Fetch Metadata Request Headers, which allows web applications to better protect themselves and their users against various cross-origin threats.

  • Added the ability to use client authentication certificates stored in hardware tokens or in Operating System storage.

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v78.12.0 esr

13. july 2021

Fixed

Quote

Security Vulnerabilities fixed in Firefox ESR 78.12

Announced July 13, 2021
Impact high
Products Firefox ESR
Fixed in
  • Firefox ESR 78.12

#CVE-2021-29970: Use-after-free in accessibility features of a document

Reporter Irvan Kurniawan
Impact high
Description

A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash.
This bug only affected Firefox when accessibility was enabled.

References

#CVE-2021-30547: Out of bounds write in ANGLE

Reporter (Unknown)
Impact high
Description

An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash.

References

#CVE-2021-29976: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12

Reporter Mozilla developers
Impact high
Description

Mozilla developers Valentin Gosu, Randell Jesup, Emil Ghitta, Tyson Smith, and Olli Pettay reported memory safety bugs present in Firefox 89 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • 3 weeks later...

ff v90.0.1

19. july 2021

Fixed

  • Fixed a crash when using some accessibility clients on Windows (bug 1720696)

  • Fixed busy looping processing some HTTP3 responses (bug 1720079)

  • Fixed transient errors authenticating with some smart cards (bug 1715325)

  • Fixed a rare crash on shutdown (bug 1707057)

  • Fixed a race on startup that caused about:support to end up empty after upgrade (bug 1717894)

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v90.0.2

22. july 2021

Fixed

Changed

  • Updates to support DoH Canada rollout

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • 2 weeks later...
  • Moderators

Firefox 91 Introduces Enhanced Cookie Clearing

Quote

We are pleased to announce a new, major privacy enhancement to Firefox’s cookie handling that lets you fully erase your browser history for any website. Today’s new version of Firefox Strict Mode lets you easily delete all cookies and supercookies that were stored on your computer by a website or by any trackers embedded in it.

https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-enhanced-cookie-clearing/

 

Support contact

https://support.piriform.com/hc/en-us/requests/new

support@ccleaner.com

 

Link to comment
Share on other sites

ff v91.0

10. august 2021

New

  • Building on Total Cookie Protection, we've added a more comprehensive logic for clearing cookies that prevents hidden data leaks and makes it easy for users to understand which websites are storing local information. Learn more

  • Firefox now supports logging into Microsoft, work, and school accounts using Windows single sign-on. Learn more

  • The simplify page when printing feature is back! When printing, under More settings > Format select the Simplified option when available to get a clutter-free page. Learn more

  • HTTPS-First Policy: Firefox Private Browsing windows now attempt to make all connections to websites secure, and fall back to insecure connections only when websites do not support it. Learn more

  • We've added a new locale: Scots (sco)

  • The address bar now provides Switch to Tab results also in Private Browsing windows.

  • Firefox now automatically enables High Contrast Mode when "Increase Contrast" is checked on MacOS

  • Firefox now does catch-up paints for almost all user interactions, enabling a 10-20% improvement in response time to most user interactions.

Fixed

Enterprise

Web Platform

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v78.13.0 esr

10. august 2021

Fixed

Quote

Security Vulnerabilities fixed in Firefox ESR 78.13

Announced August 10, 2021
Impact high
Products Firefox ESR
Fixed in
  • Firefox ESR 78.13

#CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption

Reporter pahhur
Impact high
Description

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash.
Note: This issue only affected Linux operating systems. Other operating systems are unaffected.

References

#CVE-2021-29988: Memory corruption as a result of incorrect style treatment

Reporter Irvan Kurniawan
Impact high
Description

Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash.

References

#CVE-2021-29984: Incorrect instruction reordering during JIT optimization

Reporter Lukas Bernhard
Impact high
Description

Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash.

References

#CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption

Reporter Irvan Kurniawan
Impact high
Description

Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash.

References

#CVE-2021-29985: Use-after-free media channels

Reporter Marcin 'Icewall' Noga of Cisco Talos
Impact moderate
Description

A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash.

References

#CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13

Reporter Mozilla developers and community
Impact high
Description

Mozilla developers Christoph Kerschbaumer, Simon Giesecke, Sandor Molnar, and Olli Pettay reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

 

 

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • 2 weeks later...

ff v91.0.1

17. august 2021

Fixed

  • Fixed an issue causing buttons on the tab bar to be resized when loading certain websites (bug 1704404)

  • Fixed an issue which caused tabs from private windows to be visible in non-private windows when viewing switch-to-tab results in the address bar panel (bug 1720369)

  • Various stability fixes

  • Security fix

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v91.0.2

24. august 2021

Fixed

  • High Contrast Mode is no longer enabled by default when "Increase Contrast" is checked in macOS settings (bug 1726606)

  • Firefox no longer clears authentication data when purging trackers, to avoid repeatedly prompting for a password (bug 1721084)

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

with ff v78.13.0 esr ends this line

the new esr-line is v91.0

 

ff v91.0 esr

10. august 2021

Firefox 91 ESR includes all of the enhancements since Firefox 78 along with many new features to make your enterprise deployments easier and even more flexible.

New

  • Some of the highlights of the new Extended Support Release are:

    • A number of user interface changes. For more information, see the Firefox 89 release notes.
    • Firefox now supports logging into Microsoft, work, and school accounts using Windows single sign-on. Learn more
    • On Windows, updates can now be applied in the background while Firefox is not running.
    • Firefox for Windows now offers a new page about:third-party to help identify compatibility issues caused by third-party applications
    • Version 2 of Firefox's SmartBlock feature further improves private browsing. Third party Facebook scripts are blocked to prevent you from being tracked, but are now automatically loaded "just in time" if you decide to "Log in with Facebook" on any website.
    • Enhanced the privacy of the Firefox Browser's Private Browsing mode with Total Cookie Protection, which confines cookies to the site where they were created, preventing companis from using cookies to track your browsing across sites. This feature was originally launched in Firefox's ETP Strict mode.
    • PDF forms now support JavaScript embedded in PDF files. Some PDF forms use JavaScript for validation and other interactive features.
    • You'll encounter less website breakage in Private Browsing and Strict Enhanced Tracking Protection with SmartBlock, which provides stand-in scripts so that websites load properly.
    • Improved Print functionality with a cleaner design and better integration with your computer's printer settings.
    • Firefox now protects you from supercookies, a type of tracker that can stay hidden in your browser and track you online, even after you clear cookies. By isolating supercookies, Firefox prevents them from tracking your web browsing from one site to the next.
    • Firefox now remembers your preferred location for saved bookmarks, displays the bookmarks toolbar by default on new tabs, and gives you easy access to all of your bookmarks via a toolbar folder.
    • Native support for macOS devices built with Apple Silicon CPUs brings dramatic performance improvements over the non-native build that was shipped in Firefox 83: Firefox launches over 2.5 times faster and web apps are now twice as responsive (per the SpeedoMeter 2.0 test). If you are on a new Apple device, follow these steps to upgrade to the latest Firefox.
    • Pinch zooming will now be supported for our users with Windows touchscreen devices and touchpads on Mac devices. Firefox users may now use pinch to zoom on touch-capable devices to zoom in and out of webpages.
    • We’ve improved functionality and design for a number of Firefox search features:
    • Selecting a search engine at the bottom of the search panel now enters search mode for that engine, allowing you to see suggestions (if available) for your search terms. The old behavior (immediately performing a search) is available with a shift-click.
    • When Firefox autocompletes the URL of one of your search engines, you can now search with that engine directly in the address bar by selecting the shortcut in the address bar results.
    • We’ve added buttons at the bottom of the search panel to allow you to search your bookmarks, open tabs, and history.
    • Firefox supports AcroForm, which will allow you to fill in, print, and save supported PDF forms and the PDF viewer also has a new fresh look.
    • For our users in the US and Canada, Firefox can now save, manage, and auto-fill credit card information for you, making shopping on Firefox ever more convenient.
    • In addition to our default, dark and light themes, with this release, Firefox introduces the Alpenglow theme: a colorful appearance for buttons, menus, and windows. You can update your Firefox themes under settings or preferences.

Fixed

  • Fixed an issue causing buttons on the tab bar to be resized when loading certain websites (bug 1704404)

Changed

Enterprise

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v91.0.1 esr

17. august 2021

Fixed

  • Fixed an issue causing buttons on the tab bar to be resized when loading certain websites (bug 1704404)

  • Fixed an issue which caused tabs from private windows to be visible in non-private windows when viewing switch-to-tab results in the address bar panel (bug 1720369)

  • Various stability fixes

  • Security fix

Quote

Security Vulnerabilities fixed in Firefox 91.0.1 and Thunderbird 91.0.1

Announced August 16, 2021
Impact high
Products Firefox, Thunderbird
Fixed in
  • Firefox 91.0.1
  • Thunderbird 91.0.1

#CVE-2021-29991: Header Splitting possible with HTTP/3 Responses

Reporter Youssef Sammouda
Impact high
Description

Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3.

References

 

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • 2 weeks later...

ff v92.0

07. september 2021

New

  • More secure connections: Firefox can now automatically upgrade to HTTPS using HTTPS RR as Alt-Svc headers.

  • Full-range color levels are now supported for video playback on many systems.

  • Mac users can now access the macOS share options from the Firefox File menu.

  • Support for images containing ICC v4 profiles is enabled on macOS.

Fixed

  • Firefox performance with screen readers and other accessibility tools is no longer severely degraded if Mozilla Thunderbird is installed or updated after Firefox.

  • macOS VoiceOver now correctly reports buttons and links marked as ‘expanded’ using the aria-expanded attribute.

  • An open alert in a tab no longer causes performance issues in other tabs using the same process.

  • Various security fixes

Changed

  • The bookmark toolbar menus on macOS now follow Firefox visual styles.

  • Certificate error pages have been redesigned for a better user experience.

  • Continuing work to restructure Firefox’s JavaScript memory management to be more performant and use less memory.

Enterprise

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v78.14.0 esr

07. september 2021

Fixed

Quote

Security Vulnerabilities fixed in Firefox ESR 78.14

Announced September 7, 2021
Impact moderate
Products Firefox ESR
Fixed in
  • Firefox ESR 78.14

#CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer

Reporter James Lee
Impact moderate
Description

When delegating navigations to the operating system, Firefox would accept the mk scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode.
This bug only affects Firefox for Windows. Other operating systems are unaffected.

References

#CVE-2021-38493: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1

Reporter Mozilla developers and community
Impact high
Description

Mozilla developers Tyson Smith and Gabriele Svelto reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

 

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v91.1.0 esr

07. september 2021

Fixed

Quote

Security Vulnerabilities fixed in Firefox ESR 91.1

Announced September 7, 2021
Impact low
Products Firefox ESR
Fixed in
  • Firefox ESR 91.1

#CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer

Reporter James Lee
Impact moderate
Description

When delegating navigations to the operating system, Firefox would accept the mk scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode.
This bug only affects Firefox for Windows. Other operating systems are unaffected.

References

#CVE-2021-38495: Memory safety bugs fixed in Firefox 92 and Firefox ESR 91.1

Reporter Mozilla developers and community
Impact high
Description

Mozilla developers Tyson Smith, Christian Holler, and Gabriele Svelto reported memory safety bugs present in Firefox 91 and Firefox ESR 91.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

 

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • 2 weeks later...

ff v92.0.1

23. sept 2021

Fixed

  • Fixes an issue where audio playback was not working on some Linux systems (bug 1730499)

  • Fixes issues with the findbar close button on different operating systems (bug 1728368)

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • 2 weeks later...

ff v93.0

05. october 2021

New

  • Firefox now supports the new AVIF image format, which is based on the modern and royalty free AV1 video codec. It offers significant bandwidth savings for sites compared to existing image formats. It also supports transparency and other advanced features.

  • Firefox PDF viewer now supports filling more forms (XFA-based forms, used by multiple governments and banks). Learn more.

  • When available system memory is critically low, Firefox on Windows will automatically unload tabs based on their last access time, memory usage, and other attributes. This should help reduce Firefox out-of-memory crashes. Switching to an unloaded tab automatically reloads it.

  • To prevent session loss for macOS users who are running Firefox from a mounted .dmg file, they’ll now be prompted to finish installation. This permission prompt only appears the first time these users run Firefox on their computer.

  • Firefox now blocks downloads that rely on insecure connections, protecting against potentially malicious or unsafe downloads. Learn more and see where to find downloads in Firefox.

  • Improved web compatibility for privacy protections with SmartBlock 3.0. Learn more

  • Introducing a new referrer tracking protection in Strict Tracking Protection and Private Browsing. Learn more

  • Introducing Firefox Suggest, a faster way to navigate the web. Learn more about the experience and locale-specific features.

Fixed

  • The VoiceOver screen reader now correctly reports checkable items in accessible tree controls as checked or unchecked.

  • The Orca screen reader now works correctly with Firefox, no longer requiring users to switch to another application after starting Firefox.

  • Various security fixes

Changed

  • TLS ciphersuites that use 3DES have been disabled. Such ciphersuites can only be enabled when deprecated versions of TLS are also enabled. Learn more.

  • The download panel now follows the Firefox visual styles.

Enterprise

Web Platform

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v78.15.0 esr

05. october 2021

Fixed

Quote

Security Vulnerabilities fixed in Firefox ESR 78.15

Announced October 5, 2021
Impact high
Products Firefox ESR
Fixed in
  • Firefox ESR 78.15

#CVE-2021-38496: Use-after-free in MessageTask

Reporter Yangkang of 360 ATA Team
Impact high
Description

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash.

References

#CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2

Reporter Mozilla developers
Impact high
Description

Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

 

 

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v91.2.0 esr

05. october 2021

Fixed

Quote

Security Vulnerabilities fixed in Firefox ESR 91.2

Announced October 5, 2021
Impact high
Products Firefox ESR
Fixed in
  • Firefox ESR 91.2

#CVE-2021-38496: Use-after-free in MessageTask

Reporter Yangkang of 360 ATA Team
Impact high
Description

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash.

References

#CVE-2021-38497: Validation message could have been overlaid on another origin

Reporter Irvan Kurniawan
Impact moderate
Description

Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks.

References

#CVE-2021-38498: Use-after-free of nsLanguageAtomService object

Reporter Yangkang of 360 ATA Team
Impact moderate
Description

During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash.

References

#CVE-2021-32810: Data race in crossbeam-deque

Reporter Maor Kleinberger
Impact moderate
Description

In the crossbeam crate, one or more tasks in the worker queue could have been be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this could have caused a double free and a memory leak.

References

#CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2

Reporter Mozilla developers
Impact high
Description

Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

#CVE-2021-38501: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2

Reporter Mozilla developers
Impact high
Description

Mozilla developers and community members Kevin Brosnan, Mihai Alexandru Michis, and Christian Holler reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

 

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

30 minutes ago, trium said:
  • Introducing Firefox Suggest, a faster way to navigate the web. Learn more about the experience and locale-specific features.

 

"Beginning in Firefox version 92, you will also receive new, relevant suggestions from our trusted partners"
" For sponsored results, our preferred partner is adMarketplace."

Excuse me while I just go find the big "kill this" button 😄

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.