Jump to content

The Firefox/Mozilla Thread


nodles

Recommended Posts

  • Moderators
3 hours ago, JDPower said:

"Beginning in Firefox version 92, you will also receive new, relevant suggestions from our trusted partners"
" For sponsored results, our preferred partner is adMarketplace."

Excuse me while I just go find the big "kill this" button 😄

https://www.theverge.com/2021/10/7/22715179/firefox-suggest-search-ads-browser how to disable

 

ADVICE FOR USING CCleaner'S REGISTRY INTEGRITY SECTION

DON'T JUST CLEAN EVERYTHING THAT'S CHECKED OFF.

Do your Registry Cleaning in small bits (at the very least Check-mark by Check-mark)

ALWAYS BACKUP THE ENTRY, YOU NEVER KNOW WHAT YOU'LL BREAK IF YOU DON'T.

CCLEANER, RECUVA, DEFRAGGLER AND SPECCY DOCUMENTATION CAN BE FOUND AT  https://support.piriform.com/hc/en-us and  https://www.ccleaner.com/docs

Pro users file a PRIORITY SUPPORT request at https://support.piriform.com/hc/en-us/requests/new

link to WINAPP2.INI explanation

Link to comment
Share on other sites

im on ff v78 esr :-) lucky to havent trusted partner(s)  - i hope

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • Moderators

AFAIK 'Firefox suggest' is only currently enabled in the US with v93.0, but no doubt it will be rolled out worldwide.

It's certainly not yet on my v93.0 here in the UK, so can't yet be disabled.

One concern I've seen is that mozilla must now be reading what you are typing into the address bar and processing this information on it's servers in order to offer you it's own suggestions.
But Google, Bing, and other search engines, have been doing that for years anyway.

*** Out of Beer Error ->->-> Recovering Memory ***

Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:
https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043

 

Link to comment
Share on other sites

  • 4 weeks later...

ff v94.0

02. nov 2021

New

  • Colorways animated screenshot

    With 94, you’ll find a selection of six fun seasonal Colorways (available for a limited time only). Now you can find a color to suit (or lift) your every mood.
    Fun fact: Did you know we have more daily users with color themes than dark or Alpenglow on Beta? With Firefox 89, 32% of users clicked through to customize their color theme. And that was just on the first day! We decided to introduce these new Colorways to give our users more to love.

  • Firefox macOS now uses Apple's low power mode for fullscreen video on sites such as YouTube and Twitch. This meaningfully extends battery life in long viewing sessions. Now your kids can find out what the fox says on a loop without you ever missing a beat…

  • With this release, power users can use about:unloads to release system resources by manually unloading tabs without closing them.

  • On Windows, there will now be fewer interruptions because Firefox won’t prompt you for updates. Instead, a background agent will download and install updates even if Firefox is closed.

  • And on Linux, we’ve improved WebGL performance and reduced power consumption for many users.

  • To better protect all Firefox users against side-channel attacks such as Spectre, we’re introducing Site Isolation. It will be rolled out to Firefox 94 users over the next few weeks. We’ve got your back...errr...side!

  • We’re rolling out the Firefox Multi-Account Containers extension with Mozilla VPN integration. This lets you use a different server location for each container.

  • Firefox no longer warns you by default when you exit the browser or close a window using a menu, button, or three-key command. This should cut back on unwelcome notifications which is always nice--however, if you prefer a bit of notice, you’ll still have full control over the quit/close modal behavior. All warnings can be managed within Firefox Settings. No worries! (More details)

  • And now, Firefox supports the new Snap Layouts menus when running on Windows 11.

Fixed
  • We’ve reduced the overhead of using performance.mark() and performance.measure() APIs with a large set of performance entries.

  • Plus, we’ve modified paint suppression during load to greatly improve warmload performance in Site Isolation mode.

  • You’ll also notice a small reduction in Javascript memory usage.

  • With this release, you’ll notice faster Javascript property enumeration as well.

  • We’ve also implemented better scheduling of garbage collection which has improved some pageload benchmarks.

  • This release also sees reduced CPU usage during socket polling for HTTPS connections.

  • Additionally, you’ll notice faster storage initialization.

  • We’ve also improved cold startup by reducing main thread I/O.

  • Plus, closing devtools now reclaims more memory than ever before.

  • And we’ve improved pageload (especially with Site Isolation mode) by setting a higher priority for loading and displaying images.

  • Various security fixes

Enterprise

  • Enterprise users now have more control over Firefox deployments with the availability of our MSIX package on Windows platforms.

  • You’ll also notice various bug fixes and new policies have been implemented in this latest version of Firefox. See more details in the Firefox for Enterprise 94 Release Notes.

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v94.0.1

04. nov 2021

Fixed

  • Fixed browser hangs when viewing fullscreen videos on macOS 10.12 (bug 1737998)

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

ff v91.3.0 esr

02. nov 2021

Fixed

Quote

Security Vulnerabilities fixed in Firefox ESR 91.3

Announced November 2, 2021
Impact high
Products Firefox ESR
Fixed in
  • Firefox ESR 91.3

#CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets

Reporter Armin Ebert
Impact high
Description

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame.

References

#CVE-2021-38504: Use-after-free in file picker dialog

Reporter Irvan Kurniawan
Impact high
Description

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash.

References

#CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data

Reporter Sergey Galich
Impact high
Description

Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account.
This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.

References

#CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning

Reporter Irvan Kurniawan
Impact high
Description

Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing.

References

#CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports

Reporter Takeshi Terada
Impact high
Description

The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a network attacker could forward a connection from the browser to port 443 to port 8443, causing the browser to treat the content of port 8443 as same-origin with HTTP. This was resolved by disabling the Opportunistic Encryption feature, which had low usage.

References

#MOZ-2021-0008: Use-after-free in HTTP2 Session object

Reporter Julien Cristau
Impact high
Description

A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash.
Note: This issue is pending a CVE assignment and will be updated when available.

References

#CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing

Reporter Raphael
Impact moderate
Description

By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission.

References

#CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain

Reporter Ademar Nowasky Junior
Impact moderate
Description

Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing.

References

#CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS

Reporter houjingyi647
Impact moderate
Description

The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.
Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.

References

#MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3

Reporter Mozilla developers
Impact high
Description

Mozilla developers and community members Christian Holler, Valentin Gosu, and Andrew McCreight reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
Note: This issue is pending a CVE assignment and will be updated when available.

References

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

On 04/11/2021 at 18:41, trium said:

 

  • On Windows, there will now be fewer interruptions because Firefox won’t prompt you for updates. Instead, a background agent will download and install updates even if Firefox is closed.

Seems like every new version of Firefox lately there's some new 'feature' that sends me googling the off button. And ooooh, look, new colours. What is going on inside Mozilla lately 🤦‍♂️

Link to comment
Share on other sites

:-) the one or other unnecessary equipment...

 

for downloading older versions:

https://archive.mozilla.org/pub/firefox/releases/

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

  • Moderators
On 05/11/2021 at 19:52, JDPower said:

Seems like every new version of Firefox lately there's some new 'feature' that sends me googling the off button. And ooooh, look, new colours. What is going on inside Mozilla lately 🤦‍♂️

That's par for course with them for the past few years, and like you I don't particularly like it which was what had me using different Chromium (not Google Chrome) builds a few years ago but I tired of all those "me too" and "wannabe" clones. Every new feature they've added in over the past few years I'll never use and have no use for so I ignore them or disable them.

I use Firefox Portable ESR and the recent huge required bump up from version 70ish something (which looked great to me) to version 91.3.0 has yet again no so many years later left another very bad taste (I almost dumped Firefox again in disgust however using it for one full week has made it slightly less harsh). Such a huge version bump was way too much of a drastic visual change, such as how tabs look which I literally can't stand the look of, and the built in light themes all look like rubbish to me and are too bright. I'm not keen on using the dark theme but it's literally the only one that I can stomach that isn't overly eye searing bright. When looking for replacement themes on their add-ons site the comments/complaints people posted about how they change the look of it were rampant and so true.

Link to comment
Share on other sites

I use also ff esr - i dont jump to ff 91.x, i stay with ff 78.15.

I mean also like andavari that the version jumps brings to many visual changes and new features that u never use and blow up firefox with "features". Perhaps to more google look a like contest  instead mozilla  goes its own way as in the past (time before google chrome). I dont want an google chrome "clone" called firefox. ;-) 

Versions of CCleaner Cloud; Introduction Ccleaner Cloud;

Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free

 

Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard"

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.