April 26th, 2012Fixes:
· Crash in JSAutoEnterCompartment::enter
April 25th, 2012What’s New:
· NEW: Page Source now has line numbers
· CHANGED: Line breaks are now supported in the title attribute
· CHANGED: Improvements to "Find in Page" to center search result
· CHANGED: URLs pasted into the download manager window are now automatically downloaded
· DEVELOPER: Support for the text-align-last CSS property has been added
· DEVELOPER: Experimental support for ECMAScript 6 Map and Set objects has been implemented
· FIXED: Various security fixes
· FIXED: Some TinyMCE-based editors failed to load (739141)
· FIXED: OS X: WebGL performance may be degraded on some hardware (713305)
Known Issues:
· Unresolved: If you try to start Firefox using a locked profile, it will crash (see 573369)
· Unresolved: For some users, scrolling in the main GMail window will be slower than usual (see 579260)
· Unresolved: Some synaptic touch pads are unable to vertical scroll (see 622410)
March 29th, 2012Fixes:
· Bug 735384: Tracking bug for build & release of Firefox+Fennec 12.0b3
· Bug 738203: "You're running an unknown version of Firefox"
· Bug 627182: Automate signing and publishing of XULRunner builds
March 14th, 2012· NEW: Firefox can now migrate your bookmarks, history, and cookies from Google Chrome
· NEW: With Sync enabled, add-ons can now be synchronized across your computers
· NEW: The CSS text-size-adjust property is now supported
· CHANGED: Redesigned media controls for HTML5 video
· HTML5: The outerHTML property is now supported on HTML elements
· HTML5: View source syntax highlighting now uses the HTML5 parser (see bug 482921)
· DEVELOPER: The Style Editor for CSS editing is now available to web developers
· DEVELOPER: Web developers can now visualize a web page in 3D using the Page Inspector 3D View
· DEVELOPER: SPDY protocol support for faster page loads is now testable
· DEVELOPER: XMLHttpRequest now supports HTML parsing
· DEVELOPER: Files can now be stored in IndexedDB (see bug 661877)
· DEVELOPER: Websockets has now been unprefixed
· FIXED: Various security fixes
· FIXED: Firefox notifications may not work properly with Growl 1.3 or later (691662)
Known Issues:
· Unresolved: If you try to start Firefox using a locked profile, it will crash (see 573369)
· Unresolved: For some users, scrolling in the main GMail window will be slower than usual (see 579260)
· Unresolved: Some synaptic touch pads are unable to vertical scroll (see 622410)
· Unresolved: OS X: WebGL performance may be degraded on some hardware (see 713305)
· Unresolved: Windows: The use of Microsoft's System Restore functionality shortly after updating Firefox may prevent future updates (see 730285)
February 17th, 2012· FIXED: Security fixes can be found here.
· FIXED: Java applets sometimes caused text input to become unresponsive (bug 718939)
· NEW: Most add-ons are now compatible with new versions of Firefox by default
· NEW: The forward button is now hidden until you navigate back
· NEW: Anti-Aliasing for WebGL is now implemented (see bug 615976)
· NEW: CSS3 3D-Transforms are now supported (see bug 505115)
· HTML5: New element for bi-directional text isolation, along with supporting CSS properties (see bugs 613149 and 662288)
· HTML5: Full Screen APIs allow you to build a web application that runs full screen (see the feature page)
· DEVELOPER: We've added IndexedDB APIs to more closely match the specification
· DEVELOPER: Inspect tool with content highlighting, includes new CSS Style Inspector
· FIXED: Mac OS X only - after installing the latest Java release from Apple, Firefox may crash when closing a tab with a Java applet installed (700835)
· FIXED: Some users may experience a crash when moving bookmarks (681795)
· FIXED: Silverlight video may not play on some Macintosh hardware (715396)
February 10th, 2012Fixed:
· A top startup crash (bug is security locked because it's a crash)
· Java applets cause text areas to hang (bug 718939)
February 4th, 2012· NEW: Windows: Firefox is now easier to update with one less prompt (User Account Control)
· NEW: Page Source now has line numbers
· CHANGED: Line breaks are now supported in the title attribute
· CHANGED: Smooth scrolling is now enabled by default
· CHANGED: URLs pasted into the download manager window are now automatically downloaded
· DEVELOPER: The column-fill CSS property has been implemented
· DEVELOPER: Support for the text-align-last CSS property has been added
· DEVELOPER: Experimental support for ECMAScript 6 Map and Set objects has been implemented
· FIXED: Improvements to "Find in Page" to center search result
February 3rd, 2012· NEW: The forward button is now hidden until you navigate back
· NEW: Most add-ons are now compatible with new versions of Firefox by default
· NEW: Anti-Aliasing for WebGL is now implemented (see bug 615976)
· NEW: CSS3 3D-Transforms are now supported (see bug 505115)
· HTML5: New element for bi-directional text isolation, along with supporting CSS properties (see bugs 613149 and 662288)
· HTML5: Full Screen APIs allow you to build a web application that runs full screen (see the feature page)
· DEVELOPER: We've added IndexedDB APIs to more closely match the specification
· DEVELOPER: Inspect tool with content highlighting, includes new CSS Style Inspector
· FIXED: Mac OS X only - after installing the latest Java release from Apple, Firefox may crash when closing a tab with a Java applet installed (700835)
· FIXED: Some users may experience a crash when moving bookmarks (681795)
December 23rd, 2011· NEW - The forward button is now hidden until you navigate back
· NEW - Anti-Aliasing for WebGL is now implemented (see bug 615976)
· NEW - Full Screen APIs allow you to build a web application that runs full screen (see the feature page)
· NEW - CSS3 3D-Transforms are now supported (see bug 505115)
· HTML5 - New element for bi-directional text isolation, along with supporting CSS properties (see bugs 613149 and 662288)
· DEVELOPER - Inspect tool with content highlighting, includes new CSS Style Inspector
· DEVELOPER - We've added IndexedDB APIs to more closely match the specification
· FIXED - Some users may experience a crash when moving bookmarks (681795)
December 20th, 2011· Added Type Inference, significantly improving JavaScript performance
· Improved theme integration for Mac OS X Lion
· Added two finger swipe navigation for Mac OS X Lion
· Added support for querying Do Not Track status via JavaScript
· Added support for font-stretch
· Improved support for text-overflow
· Improved standards support for HTML5, MathML, and CSS
· Fixed several stability issues
· Fixed several security issues
December 14th, 2011· Added Type Inference, significantly improving JavaScript performance
· Improved theme integration for Mac OS X Lion
· Added two finger swipe navigation for Mac OS X Lion
· Added support for querying Do Not Track status via JavaScript
· Added support for font-stretch
· Improved support for text-overflow
· Improved standards support for HTML5, MathML, and CSS
· Fixed several stability issues
November 22nd, 2011· Fixed Mac OS X crash that occurred in certain instances when a Java Applet is loaded with Java SE 6 version 1.6.0_29 installed.
· Fixed Windows startup crash caused by RoboForm versions older than 7.6.2.
November 12th, 2011· NEW: Anti-Aliasing for WebGL is now implemented (see bug 615976)
· NEW: Inspect tool with content highlighting, includes new CSS Style Inspector
· NEW: Full Screen APIs allow you to build a web application that runs full screen (see the feature page)
· NEW: View source syntax highlighting now uses the HTML5 parser (see bug 482921)
· NEW: CSS3 3D-Transforms are now supported (see bug 505115)
· NEW: Added IdexedDB APIs to more closely match the specification
· HTML5: New element for bi-directional text isolation, along with supporting CSS properties (see bugs 613149 and 662288)
· FIXED: Some users may experience a crash when moving bookmarks (see 681795)
· FIXED: For some users, visiting Google+ will cause the back and forward buttons to no longer work (see 670318)
November 6th, 2011· Add-ons installed by third party programs are now disabled by default
· Added a one-time add-on selection dialog to manage previously installed add-ons
· Added Twitter to the search bar
· Added a preference to load tabs on demand, improving start-up time when windows are restored
· Improved tab animations when moving, reordering, or detaching tabs
· Improved performance and memory handling when using and elements
· Added CORS support for cross-domain textures in WebGL
· Added support for HTML5 context menus
· Added support for insertAdjacentHTML
· Improved CSS hyphen support for many languages
· Improved WebSocket support
· Fixed several stability issues
September 30th, 2011· Fixed a rare issue where some users could find one or more of their add-ons hidden after a Firefox update
September 27th, 2011· Drastically improved memory handling for certain use cases
· Added a new rendering backend to speed up Canvas operations on Windows systems
· Bookmark and password changes now sync almost instantly when using Firefox Sync
· The 'http://' URL prefix is now hidden by default
· Added support for text-overflow: ellipsis
· Added support for the Web Timing specification
· Enhanced support for MathML
· The WebSocket protocol has been updated from version 7 to version 8
· Added an opt-in system for users to send performance data back to Mozilla to improve future versions of Firefox
· Fixed several stability issues
· Fixed several security issues
August 31st, 2011· Revoked the root certificate for DigiNotar due to fraudulent SSL certificate issuance (see bug 682927 and the security advisory)
August 20th, 2011· Optimized Memory Use: Reduces memory use and improves performance areas including responsiveness, startup and page load time, even in complex websites and Web apps
· Improved memory management: The JavaScript garbage collector works more frequently to free up memory and improve performance when you have many tabs open or keep Firefox running for a long time
· Enhanced Firefox Sync: Your data syncs faster when a bookmark or password is added or changed
· Azure Direct2D for Canvas: Helps Firefox speed up HTML5 Canvas-based animation rendering
· Web timing spec: Enables developers to measure page load time and site navigation so they can identify how to make website performance improvements
· CSS 3 Text-Overflow: ellipsis: Additional way for developers to display CSS 3 text that overflows the layout area
· Telemetry: Install this add-on and opt-in to report browser performance data and help improve future versions of Firefox
· Added support for the Web Timing specification
· Added an opt-in system for users to send performance data back to Mozilla to improve future versions of Firefox. This can be enabled by installing an add-on
· Fixed several stability issues
August 17th, 2011· The address bar now highlights the domain of the website you're visiting
· Streamlined the look of the site identity block
· Added support for the latest draft version of WebSockets with a prefixed API
· Added support for EventSource / server-sent events
· Added support for window.matchMedia
· Added Scratchpad, an interactive JavaScript prototyping environment
· Added a new Web Developer menu item and moved development-related items into it
· Improved usability of the Web Console
· Improved the discoverability of Firefox Sync
· Reduced browser startup time when using Panorama
· Fixed several stability issues
· Fixed several security issues
July 16th, 2011· The address bar now highlights the domain of the website you're visiting
· Streamlined the look of the site identity block
· Added support for the latest draft version of WebSockets with a prefixed API
· Added support for EventSource / server-sent events
· Added support for window.matchMedia
· Added Scratchpad, an interactive JavaScript prototyping environment
· Added a new Web Developer menu item and moved development-related items into it
· Improved usability of the Web Console
· Improved the discoverability of Firefox Sync
· Reduced browser startup time when using Panorama
July 12th, 2011· Worked around an issue in Mac OS X 10.7 that would cause Firefox to crash
· Worked around an issue caused by Apple's "Java for Mac OS X 10.6 Update 5" where the Java plugin would not be loaded
July 9th, 2011· Add-ons Manager with Plugin Check: Check that your plugins are up-to-date directly from the Add-ons Manager
· Improved Panorama Groups: Reduces browser startup time by only loading saved tab groups when you use Panorama
· Improved Address Bar: Highlights the domain name of the website you’re visiting to make it easy to identify where you are online
· Streamlined site identity block
· The Scratchpad: Quickly build and test JavaScript snippets in the browser
· Support for Web Sockets with a prefixed API
· Moveable Web Console
· New Web developer-specific menu
· Window.matchMedia API
· Support for server-sent events
July 8th, 2011New in Firefox Aurora:
· Performance Enhancements: Faster startup time on Mac, Windows, and Linux
· Firefox Sync: Bookmarks and passwords now sync instantly
· Enhanced Font Rendering: Fonts are rendered clear and sharp
Optimized Memory Use:
· Improved memory management: For many users, memory use is reduced by 30 percent or more, responsiveness is enhanced
· The JavaScript garbage collector runs frequently to free up more memory when Firefox is idle
New platform features and developer tools:
· Telemetry: Users can opt-in for automatic memory usage, performance testing and reporting to help improve future versions Firefox
· Web timing spec: Measure performance characteristics of websites as users experience them
· Azure Direct2D for Canvas: Canvas-based animations on the Web are dramatically faster
· Support for CSS3 Text-Overflow: ellipsis: New and more elegant way to display text content that has overflowed its given layout area
June 22nd, 2011· Added support for CSS animations
· The Do-Not-Track header preference has been moved to increase discoverability
· Tuned HTTP idle connection logic for increased performance
· Improved canvas, JavaScript, memory, and networking performance
· Improved standards support for HTML5, XHR, MathML, SMIL, and canvas
· Improved spell checking for some locales
· Improved desktop environment integration for Linux users
· WebGL content can no longer load cross-domain textures
· Background tabs have setTimeout and setInterval clamped to 1000ms to improve performance
· Fixed several stability issues
· Fixed several security issues
June 16th, 2011· WebGL content can no longer load cross-domain textures
· Background tabs have setTimeout and setInterval clamped to 1000ms to improve performance
· The Firefox development channel switcher introduced in previous Firefox Beta updates has been removed
May 28th, 2011· Data Management Window is an experimental feature that provides control over the the access that specific websites have to your browsing data, including cookies, passwords and location information. To start testing this feature type “about:permissions” in the Awesome Bar (URL Bar).
· Add-ons Manager with Plugin Check quickly verifies the compatibility of installed plugins directly from the Add-Ons Manager.
· Panorama Groups on Demand improves browser startup time and overall experience by allowing power Panorama users to load saved tab groups only when using Panorama.
· The Scratchpad lets developers quickly build and test JavaScript snippets in the browser.
· Web Console adds the ability to move the console to other parts of the window or break out into a separate window.
· Web Developer Menu provides access to developer tools from the Firefox Aurora Menu Button
· Firefox Aurora has additional support for HTML5, DOM level 3, server-sent events, networking technologies and other tools that make it easier for developers build advanced Web apps. Please see the Firefox for Developers in the Mozilla Developer Center for the full list.
May 21st, 2011· Added support for CSS animations
· Added support for switching Firefox development channels
· The Do-Not-Track header preference has been moved to increase discoverability
· Improved canvas, JavaScript, memory, and networking performance
· Improved standards support for HTML5, XHR, MathML, SMIL, and canvas
· Improved spell checking for some locales
· Improved desktop environment integration for Linux users
April 29th, 2011· MFSA 2011-18 XSLT generate-id() function heap address leak
· MFSA 2011-17 WebGLES vulnerabilities
· MFSA 2011-12 Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)
April 29th, 2011· MFSA 2011-18 XSLT generate-id() function heap address leak
· MFSA 2011-16 Directory traversal in resource: protocol
· MFSA 2011-15 Escalation of privilege through Java Embedding Plugin
· MFSA 2011-14 Information stealing via form history
· MFSA 2011-13 Multiple dangling pointer vulnerabilities
· MFSA 2011-12 Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)
March 23rd, 2011· Firefox 4 is available in over 80 languages
· Uses JägerMonkey, a new, faster JavaScript engine that is up to six times faster than Firefox 3.6
· Support for the Do Not Track ("DNT") header that allows users to opt-out of behavioural advertising
· Firefox Sync is included by default, allowing you to securely synchronize between multiple computers and mobile devices
· Certain graphics rendering operations are now hardware-accelerated using Direct3D 9 on Windows XP, Direct3D 10 on Windows Vista and 7, and OpenGL on Mac OS (OpenGL on Linux will be supported in the future)
· Direct2D Hardware Acceleration is now on by default for Windows 7 users
· WebGL is enabled on all platforms that have a capable graphics card with updated drivers
· Native support for the HD HTML5 WebM video format, hardware accelerated where available
· Firefox button has a new look for Windows Vista and Windows 7 users
· Tabs are now on top by default on Windows, Mac OS X, and Linux
· You can search for and switch to already open tabs in the Smart Location Bar
· The stop and reload buttons have been merged into a single button on Windows, Mac OS X, and Linux
· The Bookmarks Toolbar has been replaced with a Bookmarks Button by default (you can switch it back if you'd like)
· Crash protection for Windows, Linux, and Mac OS X when there is a crash in the Adobe Flash, Apple Quicktime or Microsoft Silverlight plugins
· You can turn any tab into an "App Tab" by right-clicking on it and selecting "Make into App Tab" from the context menu
· The default homepage design has been refreshed
· Overhaul of the bookmarks and history code, enabling faster bookmarking and startup performance
· Per-compartment garbage collection is now enabled, reducing work done during complex animations
· Additional polish for the Firefox Add-ons Manager
· Improved web typography using OpenType with support for ligatures, kerning and font variants
· Web developers can animate content using CSS Transitions
· Responsiveness and scrolling improvements from the new retained layers layout system
· HTML5 Forms API makes web based forms easier to implement and validate
· Support for the new proposed Audio Data API
· Support for HSTS security protocol allowing sites to insist that they only be loaded over SSL
· A new feature called Panorama gives users a visual overview of all open tabs, allowing them to be sorted and grouped
· An experimental API is included to provide more efficient Javascript animations
· Firefox now supports the HTML5 video "buffered" property
· Changes to how XPCOM components are registered in order to help startup time and process separation
· New Addons Manager and extension management API (UI will be changed before final release)
· Significant API improvements are available for JS-ctypes, a foreign function interface for extensions
· CSS Transitions are partially supported
· Core Animation rendering model for plugins on Mac OS X. Plugins which also support this rendering model can now draw faster and more efficiently
· Web developers can update the URL field without reloading the page using HTML History APIs
· More responsive page rendering using lazy frame construction
· Link history lookup is done asynchronously to provide better responsiveness during pageload
· CSS :visited selectors have been changed to block websites from being able to check a user's browsing history
· New HTML5 parser
· Support for more HTML5 form controls
· Web authors can now get touch events from Firefox users on Windows 7 machines
· A new way of representing values in JavaScript that allows Firefox to execute heavy, numeric code (used for things like graphics and animations) more efficiently
March 23rd, 2011· Firefox 3.5.18 blacklists a few invalid HTTPS certificates.
March 23rd, 2011· Firefox 3.6.16 blacklists a few invalid HTTPS certificates.
March 19th, 2011· Blacklisted a few invalid HTTPS certificates
· Updated localizations for 29 locales
· Added Vietnamese localization, bringing the total languages available in Firefox 4 to 83
March 9th, 2011· General stability, performance, and compatibility improvements.
· 632833 - Crash [@ nsGlobalWindow::LeaveModalState(nsIDOMWindow*) ]
· 626691 - "Log In To My T-Mobile" flash text is mispositioned, when loading "My T-Mobile" page in background t…
· 635397 - when tabbar and menubar have unified appearance, tabbar should be just as draggable as menubar
· 635400 - crash [@ nsBuiltinDecoder::GetBuffered]
· 635401 - Segfault when checking name of graphics driver vendor
· 634380 - Problem with drop down menus on Nike and also on other sites
· 635405 - Zooming windowless plugin frame can cause it to "bleed" outside bounds
· 628048 - hovered highlight on menu item sticks around too long after moving to a different menu item
· 636945 - add downcasting for nsRootAccessible
· 634387 - [Mac] Firefox 4.0b12pre crash [@ mozalloc_abort | NS_DebugBreak_P | mozilla::plugins::PPluginInstanc…
· 620206 - nsFrameMessageManager::ReceiveMessage returns non-nsresult values
· 636692 - Remove the Hotmail-specific hack that forces the old parser for document.open()
· 513616 - [meta] nanojit: clean up register allocator
· 635417 - Regular expression bug (breaks splinter patch review)
· 635418 - TabShow & TabHide should cause saveStateDelayed
· 629167 - FFT algorithm runs 5X faster with Tracemonkey-only than with Jaeger and Trace Monkeys working togeth…
· 635420 - Clicking on content within Normal tab of Composer and stops switching to other tabs
· 623136 - speed up font loading on android
· 633890 - Assertion failure: prop == (JSProperty*) shape
· 637987 - IPDL protocols used in unit tests are always built, even without --enable-ipdl-tests
· 633892 - Blacklist NVIDIA NVS 3100M on driver 8.17.12.5896
· 635943 - Check Items.arrange() calls to make sure tab bounds are correctly calculated
· 636968 - Startup crash [@ InitDwriteBG ] in virtual environments
· 619565 - "Assertion failure: scopeChain_ == calleeValue().toObject().getParent()"
· 633390 - Crop long link URLs in the middle instead of at the end (as the location bar hover link did)
· 636465 - misspelled words in the subject line get underlined despite disabled "Spell Check As You Type" in a …
· 635442 - Crash [@ nsSVGComponentTransferFunctionElement::DidAnimateNumberList]
· 630835 - Transition paint wrong fragments at the end of transition for 1-2 seconds.
· 622942 - Gmail's chat contact list layer is not opaque when scrolling on OS X
· 536630 - TM: awful LIR generated for bitwise-and.js (and everything else)
· 635451 - Firefox changes font mid-line on some numerals
· 632893 - Remove useless Cc/Ci/Cr/Cu/Components.*/Services.jsm from Firefox tests
· 635966 - elfhack fails with llvm LTO
· 635968 - JM: Crash on Google Spreadsheet
· 387138 - immediately after instantiation (cut/paste or subscribe), livemark looks like a regular folder in so…
· 632587 - implement getSupportedExtensions and isContextLost
· 632901 - TM: crash when assigning to function.arguments
· 635462 - "/tests/dom/tests/mochitest/ajax/prototype/test_Prototype.html or /tests/dom/tests/mochitest/bugs/te…
· 635465 - JavaScript menu is not working on sports.ru
· 635980 - Frequent harmless ASSERTION Nv3DVStreaming Nv3DVControl failed!
· 463950 - When feed is refreshed in Thunderbird, in feed starts playing
· 636495 - Make enabling profilers actually --enable-profiling
· 626768 - Startup crash [@ mozalloc_abort(char const* const) | mozcrt19.dll@0x1327f | nsCycleCollectorGCHookRu…
· 635475 - nsIdleServiceDaily can cause pointer corruption
· 633941 - Mac OS X "Open with..." / double-click on "web" file horked (browser launches without actually loadi…
· 562262 - fix license in a11y files
· 626617 - Remove Termiadur search plug-in on major update to 4.0
· 637019 - regression at www.staples.com - Sorting feature doesn't work (Sort by A-Z; Z-A; etc)
· 631388 - Investigate not centering plugin images in their frame if the frame/image sizes mismatch
· 624733 - Add .masr (Egypt) to IDN TLD whitelist
· 634974 - JavaScript strict warning: chrome://browser/content/tabview.js, line 3274: anonymous function does n…
· 629857 - Gray bar is added after repainting layer
· 636002 - better messages about attrib index validation
· 627729 - Selectively use the old HTML parser for Hotmail to work around repeated reloading
· 636008 - [Maemo6] Fennec crashes on startup, with Xlib error.
· 632423 - Text poorly rendered with hardware acceleration off (most noticeable with white text)
· 632941 - statuspanel's minimum width should be an em value and max width should be a percentage value
· 629358 - Baum Retec AG Cobra screen reader popup compatibility issue
· 637040 - iframe embedding youtube not displaying in os x
· 637032 - Repeated Console messages in the Web Console not showing number
· 609396 - Some Frames are rendered inconsistently after restart.
· 602558 - MSVC10 fails to compile with Google OTS source
· 621686 - Enable IDN for .ua
· 637559 - Add logging to Android Bridge
· 634132 - The page flickers/flashes black when scrolling the page while a flash video (on BBC, Engadget, and p…
· 635005 - new RegExp(undefined) should work like new RegExp("")
· 637901 - Video in youtube goes white
· 635008 - browser hangs every time on the "categorize your question" page on yahoo answers and needs to be kil…
· 386690 - Negative width attribute and percentage height on causes "ASSERTION: reflow stat…
· 635014 - Don't draw the checkerboard behind undefined content in "sync scrolling mode"
· 588426 - Restoring multiple solely hidden tabs (after crash) breaks session restore
· 621707 - Add gob.ec to PSL
· 621710 - Add bv.nl to PSL
· 631491 - toolbar's iconsize attribute is not updated correctly after switching themes
· 603798 - our tabs look great on XP but don't fit as well with Windows 7 and aero
· 623768 - Pressing Backspace in Panorama causes last focused tab to navigate backwards
· 636219 - JM: Interpreter's useMethodJIT flag needs to be reset when entering a new function
· 638106 - CKEditor document should be editable
· 607900 - [startup-notification] Two windows started when Firefox launched for the first times
· 634906 - Allow CORS from nsXmlHttpRequest when script is loaded from file
· 636613 - Let WebGL mochitest run on Windows XP
· 638116 - use different background gradient colors in split menu buttons in Firefox Button
· 634534 - Firefox 4 crash Silverlight video [@ mozalloc_abort(char const* const) | mozcrt19.dll@0x1327f | mozi…
· 601768 - Ensure it's safe to hand a function to a sandbox
· 635051 - revert experienced_first_use to experienced_first_run
· 634542 - Spike in crashes [@ call_trace ] among users with Firebug installed + [@ JSStackFrame::callObj() ]
· 591537 - Freeze UA build id for Firefox branded builds
· 635059 - Update WebGL test suite to version 1.0.0 from khronos.org
· 636086 - build bustage when building with --disable-pango
· 637385 - TM: Assertion failure: obj == globalObj, at ../jstracer.cpp:15253
· 636088 - Blocked LSP: Microsoft Proxy Client / Microsoft Firewall Client Service Provider
· 635068 - WebGL test array-unit-tests.html fails
· 636093 - "ABORT: Shadow layers can't be destroyed during txns!: '!HasShadow() || !BasicManager()->InTransacti…
· 636609 - Remove DEBUG_GL_ERROR_CHECK
· 636611 - Block WebGL on Mac OS X 10.5 (not on 10.6)
· 633462 - Talos turns orange on "###!!! [Child][RPCChannel] Error: Channel closing: too late to send/recv, mes…
· 628938 - Treewalker not working properly in Mozilla Treewalker Demo
· 630306 - "jsobj.h:1239: warning: inline function 'JSCompartment* JSObject::getCompartment() const' used but n…
· 636877 - Improve android restarts
· 635768 - pages print improperly
· 636114 - Crash [@ PluginBackgroundSink::~PluginBackgroundSink() ]
· 638414 - Missing toString() function on Array.prototype - TypeError: Array.prototype.toString called on incom…
· 633465 - Turn off bug 591836 workaround on Win64
· 635608 - Clean up sizemode=normal & disablechrome styling for aero glass
· 636637 - "e is not defined" error while trying to log "Error while loading thumbnail"
· 634590 - Unqualified function invocation doesn't use the global object the property was gotten from as |this|
· 634593 - Assertion failure: proto->isNative(), at jsobjinlines.h:917
· 636131 - iBus freezes when it retrieves surrounding text and if the caret is at end of line (IA__gtk_im_conte…
· 636143 - Full screen tab bar doesn't drop down after minimize and top of content is cut off.
· 606960 - crash [@ js::Interpret(JSContext*, JSStackFrame*, unsigned int, JSInterpMode) ]
· 621411 - Hardware acceleration in Firefox/SeaMonkey causes Oracle VirtualBox 3.2/4.0 to crash
· 633074 - Zoom in animation is not shown for tabs deep within stacks
· 637683 - crash [@ memcpy | NS_CopySegmentToBuffer(nsIInputStream*, void*, char const*, unsigned int, unsigned…
· 626421 - Non-clickable area on top of each tab in Windows XP (tabs in titlebar)
· 636666 - paste option doesn't appear in context menu for text boxes in content on android
· 619773 - WebGL: Crash with blue screen : "NMI: Parity Check / Memory Parity Error" with ATI Mobility FireGL V…
· 637184 - Missing newline at end of file in MacIOSurfaceImageOGL.h
· 631553 - crash [@ PL_DHashTableOperate | nsFrameScriptExecutor::LoadFrameScriptInternal]
· 627464 - Annotate crash reports about gfx features in use
· 636169 - Web Console notifications needed for customization via Addons
· 629514 - Use public domain headers for our tests
· 627979 - [clang] "cannot compile this __asm__ yet" in xptcinvoke_x86_64_unix
· 615693 - Improve the inactive window appearance of tabs-on-top
· 623405 - svg text rotation reftest failures on WinXP: anim-text-rotate-01.svg & dynamic-text-04.svg
· 636176 - Sync should not sync general.autoScroll
· 636689 - Rename the HTML5 parser pref in order to reset it for everyone who has flipped it during the beta cy…
· 635666 - WebGL crash [@mozilla::WebGLContext::CopyTexSubImage2D]
· 635155 - Get full JIT-tests coverage back
· 635156 - typos in test svg files.
· 624917 - undo close tab does not restore page with frameset
· 637206 - Random pauses while watching Hulu videos
· 524761 - Intermittent failure in test_resolveNullBookmarkTitles.js
· 634648 - re-enable tests disabled due to debug shell reftest assertion: !CompartmentHasLiveScripts(comp)
· 638218 - Asynchronous policy-uri fetching causes connection problems when using NTLM proxy
· 632612 - Minor improvements to js_DumpObject
· 620326 - Intermittent failure in /tests/content/media/test/test_playback.html | Test timed out.
· 633133 - Testing for named items in HTMLCollections using 'in' operator always returns false
· 635696 - restore focus after "Undo Close Group" of last group
· 612872 - HAL/Supernova needs more sophisticated window emulation
· 635195 - Assertion failure: !wp->setter, at jsdbgapi.cpp:781
· 615741 - too large canvases don't draw and are black
· 553278 - Video should decode into buffers allocated by layer backend we are targeting.
· 637401 - [regression] Console message nodes do not have unique IDs anymore
· 638276 - Update (and fix) nsTextEditorState.h documentation
· 635594 - Assertion failure: !tm->recorder, at jstracer.cpp:7131
· 414690 - match case checkbox and label not aligned vertically with find toolbar buttons
· 631119 - Dummy popup widgets created in content process can interrupt IME state
· 635728 - Favicon background must match group item background color
· 617297 - Fennec 4.0b3pre Crash Report [@ nsXPConnect::GetPrincipal] [@ nsScriptSecurityManager::doGetObjectPr…
· 609106 - Add plugin-container.exe to ShimInclusionList via installer
· 635733 - Weird transparency when dragging tabs out of groups
· 635737 - Zoom animation frame is rotated when we zoom out of a non-top stacked tab
· 637278 - Full CPU load as long as o2online.de is displayed with hardware acceleration disabled
· 637282 - Crash [@ mozalloc_abort(char const* const) | NS_DebugBreak_P | mozilla::plugins::PPluginInstance::Tr…
· 632379 - Can't select some bookmarks
· 594596 - Crash in [@ nsMenuPopupFrame::CreateWidgetForView(nsIView*) ]
· 613221 - TypeInference: make inference structures GC safe
· 636776 - Crash [@ nsSHEntry::GetParent(nsISHEntry**) ][@ @0x0 | nsSHEntry::GetParent(nsISHEntry**) ][@ nsDocS…
· 638318 - Page starting with lots of NUL chars is incorrectly sniffed as UTF-16BE (with HTML5 parser enabled)
· 635844 - Update pushState to latest spec. Again.
· 635252 - Autocomplete textbox gets corrupted after customizing toolbars
· 634942 - HelperApp launch is broken with GIO
· 621432 - Assertion failure: script->main code + script->length
· 636281 - crash [@ -[ChildView setMarkedText:selectedRange:]]
· 636795 - PROCESS-CRASH | test_index_messages_imap_online_to_offline.js (and others) crash after latest tracem…
· 633725 - docload_wnd.xul (and nsRootAcc_wnd.xul) tries to load about:robots which is Firefox specific (atm)
· 601988 - Translated C++ code is not as fast as it could be
· 637321 - Fix tests that try to use the 'telephone' input type instead of the 'tel' input type
· 634454 - The Find bar at the bottom of the page keeps going away
· 633741 - Assertion failure: !cx->isExceptionPending(), at ../jscntxtinlines.h:704
· 636817 - Video only plays on mouseOver
· 620434 - useless null check of result in nsXULTreeBuilder::ReplaceMatch
· 636820 - Test for bug 634590 fails with -a -m
· 635286 - ":not()" pseudo class in ":-moz-any()" selector doesn't work correctly
· 627096 - [Meta] Panorama BetaN
· 631194 - Overlay for connecting / waiting / loading status messages is no longer "small"
· 636655 - Creating large textnodes became slower since 1.9.2
· 635665 - nsPrefBranch::GetComplexValue code incorrect after e10s merge
· 476570 - need an message to console or in the page when src not found for video tag
· 577438 - Make NodeIterator and TreeWalker not use GetChildAt
· 586145 - JM: improve string concatenation speed in date-format-xparb.js
· 565667 - 'Tools' > 'Add-ons' only works when browser window is in the foreground
· 630180 - ###!!! ASSERTION: No parent accessible where we're not direct child of window: 'xpParentAcc', file .…
· 596901 - "ASSERTION: Attempting to nest call to BeginSecureKeyboardInput" when iframes fight over password-fi…
· 635814 - add shellName and shellVersion to nsSystemInfo
· 570279 - Tab+NavBar Connecting Curve Adjustments
· 629160 - Generating CASE_EXIT for some default cases in tableswitch when tracing
· 636828 - browser.js nsINavBookmarkObserver::onItemAdded incorrectly expects aURI when folder added
· 637200 - GET-request to www.youtube.com is removed from WebConsole
· 634745 - Fix ARM SIMD/NEON tests to work with LTO
· 637361 - REOPEN : SSL pages don't work when using a NTLM proxy
· 631733 - When idle the GC holds on to unused chunks indefinitely
· 630201 - Crash [@ nsTArray::Clear() ] with pre-Windows-RTM ver…
· 632763 - Block level links and dynamic HTML
· 633788 - "closing last tab" inconsistency between main browser window and panorama
· 604944 - new crash starting in 20101015 nightlies [@js_GetReservedSlot(JSContext*, JSObject*, unsigned long, …
· 627649 - [Mac] Some events incorrectly passed to a plugin that occur over the plugin
· 613314 - Firefox/4.0b8pre crash in [@ nsWindow::IPCWindowProcHandler(unsigned int&, unsigned int&, long&) ] m…
· 636356 - WebGL crash [@mozilla::WebGLBuffer::ZeroDataIfElementArray]
· 626678 - Firefox becomes unresponsive when docking or undocking my laptop
· 636870 - Using webgl on optimus hardware causes instant crash
· 637004 - Crash [@ mozilla::plugins::PluginInstanceChild::EnsureCurrentBuffer() ]
· 523928 - Partner contact for McAffee
· 636364 - Followup fixes and tests in wake of global |this| binding change (shell failure on js1_8_5/regress/r…
· 636365 - Add separate GCTIMER interval for sweeping Shapes
· 637390 - Test interpreter only in jit-tests
· 73681 - RANGE:Child Nodes of Attr Nodes have a parentNode property set to null.
· 611795 - Repeated messages in the Web Console should be collapsed into one
· 633305 - about:memory should display memory reporters that live in the child process
· 637915 - nsJNIString is leaky with zero length strings.
· 634844 - Non-animated plugins constantly reupload image with accelerated layers and async rendering
· 636894 - Audio 'MozAudioAvailable' event timing behaving poorly
· 630693 - Web console's copying adds extra newline between groups.
· 635873 - Assertion failure: compartment == rt->gcCurrentCompartment
· 635362 - Assertion fails when closing group item
· 586212 - Don't carry out the command when clicking on a disabled splitmenu
· 631270 - Status panel gets in way / obscures a Find result at the bottom of the page
· 628049 - Improve the hover styling of split menus in the Firefox menu
· 636906 - GFX blacklisting not affecting WebGL?
· 632817 - Cannot filter search for NET events in the Web console
· 635892 - Invalid HTTP version triggers text/plain or text/xml rendering
· 635668 - The zoom in animation doesn't work for new tab by group "+" button or double click on group or empty…
· 636408 - When opening stack window the titles of the website are not visible
· 624636 - Allow reftests to set a "displayport" and "view transform"
· 596478 - Intermittent fail in layout/reftests/svg/image/img-dyn-1.html
· 556117 - Either breakage or missed fix in nsPNGDecoder.cpp in 1.9.0.19
March 5th, 2011· Fixed an issue where some Java applets would fail to load in Firefox 3.6.14
March 2nd, 2011· MFSA 2011-10 CSRF risk with plugins and 307 redirects
· MFSA 2011-09 Crash caused by corrupted JPEG image
· MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents
· MFSA 2011-07 Memory corruption during text run construction (Windows)
· MFSA 2011-06 Use-after-free error using Web Workers
· MFSA 2011-05 Buffer overflow in JavaScript atom map
· MFSA 2011-04 Buffer overflow in JavaScript upvarMap
· MFSA 2011-03 Use-after-free error in JSON.stringify
· MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true
· MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
March 2nd, 2011· MFSA 2011-10 CSRF risk with plugins and 307 redirects
· MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents
· MFSA 2011-07 Memory corruption during text run construction (Windows)
· MFSA 2011-06 Use-after-free error using Web Workers
· MFSA 2011-05 Buffer overflow in JavaScript atom map
· MFSA 2011-04 Buffer overflow in JavaScript upvarMap
· MFSA 2011-03 Use-after-free error in JSON.stringify
· MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true
· MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
· MFSA 2010-74 CVE-2010-3777 was fixed in Firefox 3.5.17
February 25th, 2011· Increased performance while viewing Flash content
· Improved plugin compatibility with hardware acceleration enabled
· Hovering over links now displays the URL at the bottom of the window rather than in the location bar
· General stability, performance, and compatibility improvements
February 8th, 2011· Support for the proposed Do Not Track ("DNT") header
· Connection status messages are now shown in a small overlay
· WebGL has been re-enabled on Linux
· The default homepage design has been refreshed
· Firefox no longer switches into offline mode automatically
January 25th, 2011· Compatibilty and stability improvements when using Adobe Flash on Mac OS X
· Improvements in memory usage
· Support for a graphics driver blacklist to improve stability
December 21st, 2010· The Firefox Sync setup experience has been greatly improved across desktop and mobile devices
· Speed, functionality, and compatibility improvements to WebGL
· Additional polish for the Firefox Add-ons Manager
December 10th, 2010· MFSA 2010-84 XSS hazard in multiple character encodings
· MFSA 2010-83 Location bar SSL spoofing using network error page
· MFSA 2010-82 Incomplete fix for CVE-2010-0179
· MFSA 2010-81 Integer overflow vulnerability in NewIdArray
· MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
· MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL meta refresh
· MFSA 2010-78 Add support for OTS font sanitizer
· MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
· MFSA 2010-76 Chrome privilege escalation with window.open and element
· MFSA 2010-75 Buffer overflow while line breaking after document.write with long string
· MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
October 28th, 2010· Fixes a critical security issue that could potentially allow remote code execution.
October 28th, 2010· Fixes a critical security issue that could potentially allow remote code execution.
October 20th, 2010· MFSA 2010-72 Insecure Diffie-Hellman key exchange
· MFSA 2010-71 Unsafe library loading vulnerabilities
· MFSA 2010-70 SSL wildcard certificate matching IP addresses
· MFSA 2010-69 Cross-site information disclosure via modal calls
· MFSA 2010-68 XSS in gopher parser when parsing hrefs
· MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter
· MFSA 2010-66 Use-after-free error in nsBarProp
· MFSA 2010-65 Buffer overflow and memory corruption using document.write
· MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/ 1.9.1.14)
September 16th, 2010· Fixed a single stability issue affecting a limited number of users
September 15th, 2010· Fixed a stability issue affecting Windows users.
· Fixed an issue causing rendering errors with plugins affecting Mac OS X users.
September 8th, 2010· Support for the new proposed Audio Data API
· Direct2D Hardware Acceleration is now on by default for Windows 7 users
· Firefox button has a new look for Windows Vista and Windows 7 users
· Support for HSTS security protocol allowing sites to insist that they only be loaded over SSL.
· See the complete changelist from the previous beta.
September 8th, 2010· MFSA 2010-63 Information leak via XMLHttpRequest statusText
· MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
· MFSA 2010-61 UTF-7 XSS by overriding document charset using type attribute
· MFSA 2010-59 SJOW creates scope chains ending in outer object
· MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
· MFSA 2010-57 Crash and remote code execution in normalizeDocument
· MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
· MFSA 2010-55 XUL tree removal crash and remote code execution
· MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
· MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
· MFSA 2010-52 Windows XP DLL loading vulnerability
· MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
· MFSA 2010-50 Frameset integer overflow vulnerability
· MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
September 8th, 2010· MFSA 2010-63 Information leak via XMLHttpRequest statusText
· MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
· MFSA 2010-61 UTF-7 XSS by overriding document charset using type attribute
· MFSA 2010-60 XSS using SJOW scripted function
· MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
· MFSA 2010-57 Crash and remote code execution in normalizeDocument
· MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
· MFSA 2010-55 XUL tree removal crash and remote code execution
· MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
· MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
· MFSA 2010-52 Windows XP DLL loading vulnerability
· MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
· MFSA 2010-50 Frameset integer overflow vulnerability
· MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
August 25th, 2010· Firefox 4 Beta 4 is available in 39 languages.
· Firefox Sync is now included by default.
· A new feature gives users a visual overview of all open tabs, allowing them to be sorted and grouped.
· An experimental API is included to provide more efficient Javascript animations.
· Firefox now supports the HTML5 video "buffered" property.
· See the complete changelist from the previous beta.
July 28th, 2010· Tabs are now on top by default on Windows and OSX - Linux will be changing when the theme has been modified to support the change.
· You can turn any tab into an "App Tab" by right-clicking on it and selecting "Make into App Tab" from the context menu.
· Web developers can animate content using CSS Transitions.
· Responsiveness and scrolling improvements from the new retained layers layout system.
· JavaScript speed improvements due to engine optimizations.
· Changes to how XPCOM components are registered in order to help startup time and process separation.
July 24th, 2010· MFSA 2010-48 Dangling pointer crash regression from plugin parameter array fix
July 24th, 2010· MFSA 2010-47 Cross-origin data leakage from script filename in error messages
· MFSA 2010-46 Cross-domain data theft using CSS
· MFSA 2010-45 Multiple location bar spoofing vulnerabilities
· MFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish
· MFSA 2010-43 Same-origin bypass using canvas context
· MFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts
· MFSA 2010-41 Remote code execution using malformed PNG image
· MFSA 2010-40 nsTreeSelection dangling pointer remote code execution vulnerability
· MFSA 2010-39 nsCSSValue::Array index integer overflow
· MFSA 2010-38 Arbitrary code execution using SJOW and fast native function
· MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability
· MFSA 2010-36 Use-after-free error in NodeIterator
· MFSA 2010-35 DOM attribute cloning remote code execution vulnerability
· MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)
July 7th, 2010· Tabs are now on top by default on Windows only - OSX and Linux will be changing when the theme has been modified to support the change.
· On Windows Vista and Windows 7 the menu bar has been replaced with the Firefox button.
· You can search for and switch to already open tabs in the Smart Location Bar
· New Addons Manager and extension management API (UI will be changed before final release)
· Significant API improvements are available for JS-ctypes, a foreign function interface for extensions.
· The stop and reload buttons have been merged into a single button on Windows, Mac and Linux.
· The Bookmarks Toolbar has been replaced with a Bookmarks Button by default (you can switch it back if you'd like).
· Crash protection for Windows, Linux, and Mac when there is a crash in the Adobe Flash, Apple Quicktime or Microsoft Silverlight plugins.
· CSS Transitions are partially supported.
· Full WebGL support is included but disabled by default at this time.
· Core Animation rendering model for plugins on Mac OS X. Plugins which also support this rendering model can now draw faster and more efficiently.
· Native support for the HD HTML5 WebM video format.
· An experimental Direct2D rendering backend is available on Windows, turned off by default.
· Web developers can use Websockets for a low complexity, low latency, bidirectional communications API.
· Web developers can update the URL field without reloading the page using HTML History APIs.
· More responsive page rendering using lazy frame construction.
· Link history lookup is done asynchronously to provide better responsiveness during pageload.
· CSS :visited selectors have been changed to block websites from being able to check a user's browsing history.
· New HTML5 parser.
· Support for more HTML5 form controls.
June 23rd, 2010· MFSA 2010-33 User tracking across sites using Math.random()
· MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present
· MFSA 2010-31 focus() behavior can be used to inject or steal keystrokes
· MFSA 2010-30 Integer Overflow in XSLT Node Sorting
· MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
· MFSA 2010-28 Freed object reuse across plugin instances
· MFSA 2010-26 Crashes with evidence of memory corruption (rv:1.9.2.4/ 1.9.1.10)
April 21st, 2010· Fixed several security issues.
April 9th, 2010· Privacy: Web sites can no longer use :visited styling to determine the browsing history of a user. See hacks.mozilla.org for more information.
· User Interface: Currently loaded web pages are shown in the location bar autocomplete list, allowing switching to existing tabs. See bug 480350 for details.
· Stability: The beta version of Adobe Flash is now run in a separate process on Mac OS X Snow Leopard (10.6). Visit the Adobe website to install the latest beta version of Flash.
· SVG: SVG attributes which are mapped to CSS properties can now be animated using SMIL. See bug 534028 for details.
· Video: Full-screen video on Windows is now rendered using hardware acceleration when available. See Bas Schouten's blog for details.
· Plug-Ins: Mozilla has implemented the Core Animation rendering model for plugins on Mac OS X. Plugins which also support this rendering model can now draw faster and more efficiently.
· HTML: HTML form controls can be resized by the user. See bug 442228 for details.
· Performance: Linux builds are now built with -fomit-frame-pointer, improving page load times on average by 4%. For more information, see bug 554364.
April 9th, 2010· Firefox Lorentz is built on Firefox 3.6.3, and includes a new feature for Windows and Linux users which runs the Adobe Flash, Apple Quicktime and Microsoft Silverlight plugins in a separate process.
· With this feature if one of these plugins crashes or hangs, Firefox will continue running and you can reload the page to try again.
April 2nd, 2010· Fixes a critical security issue that could potentially allow remote code execution (see bug 555109).
March 31st, 2010· MFSA 2010-24 XMLDocument::load() doesn't check nsIContentPolicy
· MFSA 2010-23 Image src redirect to mailto: URL opens email editor
· MFSA 2010-22 Update NSS to support TLS renegotiation indication
· MFSA 2010-20 Chrome privilege escalation via forced URL drag and drop
· MFSA 2010-19 Dangling pointer vulnerability in nsPluginArray
· MFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView
· MFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection
· MFSA 2010-16 Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.9/ 1.9.0.19)
March 23rd, 2010· Fixed a critical security issue that could potentially allow remote code execution (see bug 552216).
· Fixed several additional security issues.
· Fixed several stability issues.
March 3rd, 2010· Plugins - On Windows and Linux, plugins (such as Flash and Silverlight) are now isolated from Firefox. Plugin crashes will not kill Firefox itself, and unresponsive plugins are automatically restarted.
· Security - The SSL security system has been changed to fix a renegotiation flaw. For technical details, see the newsgroup posting announcing the change.
· HTML - The placeholder attribute for and is now supported.
· User Interface - The stop and reload buttons have been merged when they are adjacent on the toolbar. See bug 343396 for details.
· SVG - Support for SMIL Animation in SVG. Support for animating some SVG attributes is still under development and the animateMotion element isn't supported yet.
· Stability - Crash reports from plugin processes are now submitted automatically. Crash report submission can be disabled in Firefox preferences (Advanced / General / Submit crash reports).
· CSS - Support for CSS Transitions. This support is not quite complete: support for animation of transforms and gradients has not yet been implemented.
· WebGL - Support for WebGL, which is disabled by default but can be enabled by changing a preference. See this blog post and this blog post for more details.
· DOM - Support for the getClientRects and getBoundingClientRect methods on Range objects. See bug 396392 for details.
· DOM - Support for the setCapture and releaseCapture methods on DOM elements. See bug 503943 for details.
· HTML - Support for the HTML5 History.pushState() and History.replaceState() methods and the popstate event. See bug 500328 for details.
· CSS - Support for the -moz-image-rect() value for background-image. See bug 113577 for more details.
February 18th, 2010· MFSA 2010-05 XSS hazard using SVG document and binary Content-Type
· MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain
· MFSA 2010-03 Use-after-free crash in HTML parser
· MFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability
· MFSA 2010-01 Crashes with evidence of memory corruption (rv:1.9.1.8/ 1.9.0.18)
February 17th, 2010· MFSA 2010-05 XSS hazard using SVG document and binary Content-Type
· MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain
· MFSA 2010-03 Use-after-free crash in HTML parser
· MFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability
· MFSA 2010-01 Crashes with evidence of memory corruption (rv:1.9.1.8/ 1.9.0.18)
February 10th, 2010· Support for CSS Transitions. This support is not quite complete: support for animation of transforms and gradients has not yet been implemented.
· Support for SMIL Animation in SVG. Support for animating some SVG attributes is still under development and the animateMotion element isn't supported yet.
· Support for WebGL, which is disabled by default but can be enabled by changing a preference. See this blog post and this blog post for more details.
· Support for the getClientRects and getBoundingClientRect methods on Range objects. See bug 396392 for details.
· Support for the setCapture and releaseCapture methods on DOM elements. See bug 503943 for details.
· Support for the HTML5 History.pushState() and History.replaceState() methods and the popstate event. See bug 500328 for details.
· Support for the -moz-image-rect() value for background-image. See bug 113577 for more details.
· Text is rendered using Core Text rather than ATSUI.
· Rewrote major parts of the code for handling scrolling. See bug 526394 for details.
· Rewrote the way a snapshot of a document is taken in order to print or print preview. See bug 487667 for details.
· Made significant changes to table border handling. See bug 452319 and bug 43178 for details.
· Made various architectural changes to improve Web page performance.
January 17th, 2010· Made some changes to how we allow third party software to integrate with Firefox in order to prevent crashes.
· This release candidate is available in more than 70 languages - get your local version.
· More than 70 fixes from the last beta to improve performance, stability, security and features.
· The ability to run scripts asynchronously to speed up page load times.
· Users can now change their browser's appearance with a single click, with built in support for Personas.
· Firefox 3.6 will alert users about out of date plugins to keep them safe.
· Open, native video can now be displayed full screen, and supports poster frames.
· Support for the WOFF font format.
· Improved JavaScript performance, overall browser responsiveness and startup time.
· Support for new CSS, DOM and HTML5 web technologies.
January 5th, 2010· Fixed a common stability issue.
· Fixed a problem with how updates were being presented to users.
December 16th, 2009· MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
· MFSA 2009-70 Privilege escalation via chrome window.opener
· MFSA 2009-69 Location bar spoofing vulnerabilities
· MFSA 2009-68 NTLM reflection vulnerability
· MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/ 1.9.0.16)
December 16th, 2009· MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
· MFSA 2009-70 Privilege escalation via chrome window.opener
· MFSA 2009-69 Location bar spoofing vulnerabilities
· MFSA 2009-68 NTLM reflection vulnerability
· MFSA 2009-67 Integer overflow, crash in libtheora video library
· MFSA 2009-66 Memory safety fixes in liboggplay media library
· MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/ 1.9.0.16)
November 26th, 2009· Firefox 3.6 Beta is built on Mozilla's Gecko 1.9.2 web rendering platform, which has been under development for several months and contains many improvements for web developers, Add-on developers and users. This version is also faster and more responsive than previous versions, and has been optimized to run on small device operating systems such as Windows CE and Maemo.
· Changes to how we allow third party software to integrate with Firefox in order to prevent crashes.
· The ability to run scripts asynchronously to speed up page load times.
· More than 140 bug fixes from the last beta to improve performance, stability, security and features.
· This beta is available in more than 60 languages - get your local version.
· Users can now change their browser's appearance with a single click, with built in support for Personas.
· Firefox 3.6 will alert users about out of date plugins to keep them safe.
· Open, native video can now be displayed full screen, and supports poster frames.
· Support for the WOFF font format.
· Improved JavaScript performance, overall browser responsiveness and startup time.
· Support for new CSS, DOM and HTML5 web technologies.
November 18th, 2009· (NEW) Changes to how we allow third party software to integrate with Firefox in order to prevent crashes.
· (NEW) The ability to run scripts asynchronously to speed up page load times.
· More than 80 bug fixes from the last beta to improve performance, stability, security and features.
· This beta is available in more than 60 languages - get your local version.
· Users can now change their browser's appearance with a single click, with built in support for Personas.
· Firefox 3.6 will alert users about out of date plugins to keep them safe.
· Open, native video can now be displayed full screen, and supports poster frames.
· Support for the WOFF font format.
· Improved JavaScript performance, overall browser responsiveness and startup time.
· Support for new CSS, DOM and HTML5 web technologies.
November 11th, 2009· More than 190 bug fixes from the last beta to improve performance, stability, security and features.
· This beta is available in more than 45 languages - get your local version.
· Users can now change their browser's appearance with a single click, with built in support for Personas.
· Firefox 3.6 will alert users about out of date plugins to keep them safe.
· Open, native video can now be displayed full screen, and supports poster frames.
· Support for the WOFF font format.
· Improved JavaScript performance, overall browser responsiveness and startup time.
· Support for new CSS, DOM and HTML5 web technologies.
November 6th, 2009· Fixed several stability issues.
October 31st, 2009· This beta is available in more than 50 languages
· Users can now change their browser's appearance with a single click, with built in support for Personas.
· Firefox 3.6 will alert users about out of date plugins to keep them safe.
· Open, native video can now be displayed full screen, and supports poster frames.
· Support for the WOFF font format.
· Improved JavaScript performance, overall browser responsiveness and startup time.
· Support for new CSS, DOM and HTML5 web technologies.
October 28th, 2009· Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15)
· Upgrade media libraries to fix memory safety bugs
· Download filename spoofing with RTL override
· Cross-origin data theft through document.getSelection()
· Heap buffer overflow in string to number conversion
· Chrome privilege escalation in XPCVariant::VariantDataToJS()
· Heap buffer overflow in GIF color map parser
· Crash in proxy auto-configuration regexp parsing
· Local downloaded file tampering
· Form history vulnerable to stealing
October 28th, 2009· Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15)
· Upgrade media libraries to fix memory safety bugs
· Download filename spoofing with RTL override
· Cross-origin data theft through document.getSelection()
· Heap buffer overflow in string to number conversion
· Chrome privilege escalation in XPCVariant::VariantDataToJS()
· Heap buffer overflow in GIF color map parser
· Crash in proxy auto-configuration regexp parsing
· Crash with recursive web-worker calls
· Local downloaded file tampering
· Form history vulnerable to stealing
September 10th, 2009· MFSA 2009-51 Chrome privilege escalation with FeedWriter
· MFSA 2009-50 Location bar spoofing via tall line-height Unicode characters
· MFSA 2009-49 TreeColumns dangling pointer vulnerability
· MFSA 2009-48 Insufficient warning for PKCS11 module installation and removal
· MFSA 2009-47 Crashes with evidence of memory corruption (rv:1.9.1.3/1.9.0.14)
September 10th, 2009· MFSA 2009-51 Chrome privilege escalation with FeedWriter
· MFSA 2009-50 Location bar spoofing via tall line-height Unicode characters
· MFSA 2009-49 TreeColumns dangling pointer vulnerability
· MFSA 2009-47 Crashes with evidence of memory corruption (rv:1.9.1.3/1.9.0.14)
August 4th, 2009· MFSA 2009-44 Location bar and SSL indicator spoofing via window.open() on invalid URL.
· MFSA 2009-43 Heap overflow in certificate regexp parsing.
· MFSA 2009-42 Compromise of SSL-protected communication.
August 4th, 2009· MFSA 2009-46 Chrome privilege escalation due to incorrectly cached wrapper
· MFSA 2009-45 Crashes with evidence of memory corruption (rv:1.9.1.2/1.9.0.13)
· MFSA 2009-44 Location bar and SSL indicator spoofing via window.open() on invalid URL
· MFSA 2009-43 Heap overflow in certificate regexp parsing
· MFSA 2009-42 Compromise of SSL-protected communication
· MFSA 2009-38 Data corruption with SOCKS5 reply containing DNS name longer than 15 characters
August 3rd, 2009· Several security and stability issues.
· Images with ICC profiles now render properly on all monitors.
July 22nd, 2009· MFSA 2009-40 Multiple cross origin wrapper bypasses
· MFSA 2009-39 setTimeout loses XPCNativeWrappers
· MFSA 2009-37 Crash and remote code execution using watch and __defineSetter__ on SVG element
· MFSA 2009-36 Heap/integer overflows in font glyph rendering libraries
· MFSA 2009-35 Crash and remote code execution during Flash player unloading
· MFSA 2009-34 Crashes with evidence of memory corruption (rv:1.9.1/1.9.0.12)
July 17th, 2009· Several security issues - Corrupt JIT state after deep return from native function.
· Several stability issues.
June 20th, 2009· This release candidate is now available in more than 70 languages - get your local version.
· Improved tools for controlling your private data, including a Private Browsing Mode.
· Better performance and stability with the new TraceMonkey JavaScript engine.
· The ability to provide Location Aware Browsing using web standards for geolocation.
· Support for native JSON, and web worker threads.
· Improvements to the Gecko layout engine, including speculative parsing for faster content rendering.
· Support for new web technologies such as: HTML5 and elements, downloadable fonts and other new CSS properties, JavaScript query selectors, HTML5 offline data storage for applications, and SVG transforms.
June 17th, 2009· Firefox 3.5 (Release Candidate) is based on the Gecko 1.9.1 rendering platform, which has been under development for the past year.
· Firefox 3.5 offers many changes over the previous version, supporting new web technologies, improving performance and ease of use, and adding new features for users.
· This beta is now available in more than 70 languages - get your local version.
· Improved tools for controlling your private data, including a Private Browsing Mode.
· Better performance and stability with the new TraceMonkey JavaScript engine.
· The ability to provide Location Aware Browsing using web standards for geolocation.
· Support for native JSON, and web worker threads.
· Improvements to the Gecko layout engine, including speculative parsing for faster content rendering.
· Support for new web technologies such as: HTML5 and elements, downloadable fonts and other new CSS properties, JavaScript query selectors, HTML5 offline data storage for applications, and SVG transforms.
June 11th, 2009· The 800,000+ users of Firefox 3.5 Beta 4 will be receiving an update to a “Firefox 3.5 Preview” release in order to assist us with further testing and feedback. This update contains many fixes for stability bugs, correctness fixes for our JavaScript engine, and improvements to our built in support for open Ogg based video and audio playback. While this release has not yet completed the testing required to be declared a release candidate, it is considered stable for daily browsing use and we appreciate your assistance in helping us test and evaluate this preview release.
· If you’re a Firefox 3.5 Beta user you should be receiving this update automatically within the next 24 hours. To get the update immediately, select “Check for Updates…” in the “Help” menu.
· If you’re not yet a Firefox 3.5 Beta user, we recommend that you wait for the upcoming Firefox 3.5 Release Candidate, which should be in the next 1-2 weeks. If you’d like to become a beta tester for Firefox 3.5 and subsequent updates, please install the latest available beta and install any offered updates.
June 11th, 2009· Fixed several security issues.
· Fixed several stability issues.
· Build 2 of this beta release fixes an issue where some extensions wouldn't work properly.
April 28th, 2009Fixes two issues found in Firefox 3.0.9:
· Fixed a security issue.
· Fixed a major stability issue.
April 28th, 2009Based on the Gecko 1.9.1 rendering platform, which has been under development for the past 10 months. Firefox 3.5 offers many changes over the previous version, supporting new web technologies, improving performance and ease of use, and adding new features for users:
· This beta is now available in 70 languages - get your local version.
· Improved tools for controlling your private data, including a Private Browsing Mode.
· Better performance and stability with the new TraceMonkey JavaScript engine.
· The ability to provide Location Aware Browsing using web standards for geolocation.
· Support for native JSON, and web worker threads.
· Improvements to the Gecko layout engine, including speculative parsing for faster content rendering.
· Support for new web technologies such as: HTML5 and elements, downloadable fonts and other new CSS properties, JavaScript query selectors, HTML5 offline data storage for applications, and SVG transforms.
April 21st, 2009· Fixed several security issues.
· Fixed several stability issues.
· Many users experienced an issue where a corrupt local database caused Firefox to “lose” its stored cookies. (bug 470578)
· Fixed an issue where, starting with Firefox 3.0.7, inline attachments on popular webmail services (like AOL and AIM) would not display. (bug 482659)
· Large forms would sometimes take a long time to submit. (bug 426991)
· In certain cases, new windows would not have proper focus. (bug 446568)
March 27th, 2009· Firefox 3.0.8 is a high-priority firedrill security update to Firefox 3.0.x.
· Fixed exploitable crash in [@txMozillaXSLTProcessor::TransformToDoc ]
March 4th, 2009· Fixed several security issues.
· Fixed several stability issues.
· Items in the "File" menu show as inactive after using the "Print" item from that menu - switching to a new tab restores them (bug 425844). This issue has been fixed.
· For some users, cookies would appear to go “missing” after a few days (bug 444600).
· Mac users of the Flashblock add-on, experienced an issue where sound from the Flash plug-in would continue to play for a short time after closing a tab or window (bug 474022).
· Fixed several issues related to accessibility features.
February 4th, 2009· MFSA 2009-06 Directives to not cache pages ignored
· MFSA 2009-05 XMLHttpRequest allows reading HTTPOnly cookies
· MFSA 2009-04 Chrome privilege escalation via local .desktop files
· MFSA 2009-03 Local file stealing with SessionStore
· MFSA 2009-02 XSS using a chrome XBL method and window.eval
· MFSA 2009-01 Crashes with evidence of memory corruption (rv:1.9.0.6)
December 19th, 2008· Cross-domain data theft via script redirect error message (Windows)
December 16th, 2008· Fixed several security issues.
· Fixed several stability issues.
· Replaced the End-User License Agreement with a new "Know Your Rights" info bar on initial install.
· When installing multiple signed XPIs simultaneously, previous versions of Firefox would fail.
· Fixed several issues found in the accessibility implementation.
· Added the ability to send OS-specific system notes in the crash reporter.
December 9th, 2008· Added a new Private Browsing Mode.
· Added functions to make it easy to clear recent history by time as well as remove all traces of a website.
· New support for web worker threads.
· The new TraceMonkey JavaScript engine is on by default for web content.
· Improvements to the Gecko layout engine, including speculative parsing for faster content rendering.
· Removed the new tab-switching behavior based on feedback from users
· Support for new web technologies such as the and elements, the W3C Geolocation API, JavaScript query selectors, CSS 2.1 and 3 properties, SVG transforms and offline applications.
December 9th, 2008· Web standards improvements in the Gecko layout engine
· Added support for CSS 2.1 and CSS 3 properties
· A new tab-switching shortcut that shows previews of the tab you're switching to
· Improved control over the Smart Location Bar using special characters to restrict your search
· Support for new web technologies such as the and elements, the W3C Geolocation API, JavaScript query selectors, web worker threads, SVG transforms and offline applications.
November 12th, 2008· Fixed several security issues.
· Fixed several stability issues.
· Updated the internal Public Suffix list.
· Fixed an issue where the IME input tool used to enter Japanese, Korean, Chinese and Indic characters was covered by the "Add Bookmark" panel. (bug 433340)
· Enabled additional EV root certificates. (bug 451305)
· Fixed an issue where some passwords saved using Firefox 3.0.2 did not work properly. (bug 457358)
· In some cases, Firefox would not properly save proxy settings for protocols other than HTTP. (bug 446536)
September 27th, 2008· Fixed a problem where users were unable to retrieve saved passwords or save new passwords.
September 24th, 2008· MFSA 2008-44 resource: traversal vulnerabilities
· MFSA 2008-43 BOM characters stripped from JavaScript before execution
· MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
· MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
· MFSA 2008-40 Forced mouse drag
September 24th, 2008· MFSA 2008-45 XBM image uninitialized memory reading
· MFSA 2008-44 resource: traversal vulnerabilities
· MFSA 2008-43 BOM characters stripped from JavaScript before execution
· MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
· MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
· MFSA 2008-40 Forced mouse drag
· MFSA 2008-39 Privilege escalation using feed preview page and XSS flaw
· MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation
· MFSA 2008-37 UTF-8 URL stack buffer overflow
July 2nd, 2008· MFSA 2008-33 Crash and remote code execution in block reflow
· MFSA 2008-32 Remote site run as local file via Windows URL shortcut
· MFSA 2008-31 Peer-trusted certs can use alt names to spoof
· MFSA 2008-30 File location URL in directory listings not escaped properly
· MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
· MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
· MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
· MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
· MFSA 2008-24 Chrome script loading from fastload file
· MFSA 2008-23 Signed JAR tampering
· MFSA 2008-22 XSS through JavaScript same-origin violation
· MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)
June 17th, 2008· One-click site info: Click the site favicon in the location bar to see who owns the site and to check if your connection is protected from eavesdropping. Identity verification is prominently displayed and easier to understand. When a site uses Extended Validation (EV) SSL certificates, the site favicon button will turn green and show the name of the company you're connected to.
· Malware Protection: malware protection warns users when they arrive at sites which are known to install viruses, spyware, trojans or other malware.
· New Web Forgery Protection page: the content of pages suspected as web forgeries is no longer shown.
· New SSL error pages: clearer and stricter error pages are used when Firefox encounters an invalid SSL certificate.
· Add-ons and Plugin version check: Firefox now automatically checks add-on and plugin versions and will disable older, insecure versions.
· Secure add-on updates: to improve add-on update security, add-ons that provide updates in an insecure manner will be disabled.
· Anti-virus integration: Firefox will inform anti-virus software when downloading executables.
· Vista Parental Controls: Firefox now respects the Vista system-wide parental control setting for disabling file downloads.
· Effective top-level domain (eTLD) service better restricts cookies and other restricted content to a single domain.
· Better protection against cross-site JSON data leaks.
· Easier password management: an information bar replaces the old password dialog so you can now save passwords after a successful login.
· Simplified add-on installation: the add-ons whitelist has been removed making it possible to install extensions from third-party sites in fewer clicks.
· New Download Manager: the revised download manager makes it much easier to locate downloaded files, and you can see and search on the name of the website where a file came from. Your active downloads and time remaining are always shown in the status bar as your files download.
· Resumable downloading: users can now resume downloads after restarting the browser or resetting your network connection.
· Full page zoom: from the View menu and via keyboard shortcuts, the new zooming feature lets you zoom in and out of entire pages, scaling the layout, text and images, or optionally only the text size. Your settings will be remembered whenever you return to the site.
· Podcasts and Videocasts can be associated with your media playback tools.
· Tab scrolling and quickmenu: tabs are easier to locate with the new tab scrolling and tab quickmenu.
· Save what you were doing: Firefox will prompt users to save tabs on exit.
· Optimized Open in Tabs behavior: opening a folder of bookmarks in tabs now appends the new tabs rather than overwriting.
· Location and Search bar size can now be customized with a simple resizer item.
· Text selection improvements: multiple text selections can be made with Ctrl/Cmd; double-click drag selects in "word-by-word" mode; triple-clicking selects a paragraph.
· Find toolbar: the Find toolbar now opens with the current selection.
· Plugin management: users can disable individual plugins in the Add-on Manager.
· Integration with Windows: Firefox now has improved Windows icons, and uses native user interface widgets in the browser and in web forms.
· Integration with the Mac: the new Firefox theme makes toolbars, icons, and other user interface elements look like a native OS X application. Firefox also uses OS X widgets and supports Growl for notifications of completed downloads and available updates. A combined back and forward control make it even easier to move between web pages.
· Integration with Linux: Firefox's default icons, buttons, and menu styles now use the native GTK theme.
· Star button: quickly add bookmarks from the location bar with a single click; a second click lets you file and tag them.
· Tags: associate keywords with your bookmarks to sort them by topic.
· Location bar & auto-complete: type in all or part of the title, tag or address of a page to see a list of matches from your history and bookmarks; a new display makes it easier to scan through the matching results and find that page you're looking for. Results are returned according to their frecency (a combination of frequency and recency of visits to that page) ensuring that you're seeing the most relevant matches. An adaptive learning algorithm further tunes the results to your patterns!
· Smart Bookmarks Folder: quickly access your recently bookmarked and tagged pages, as well as your more frequently visited pages with the new smart bookmarks folder on your bookmark toolbar.
· Places Organizer: view, organize and search through all of your bookmarks, tags, and browsing history with multiple views and smart folders to store your frequent searches. Create and restore full backups whenever you want.
· Web-based protocol handlers: web applications, such as your favorite webmail provider, can now be used instead of desktop applications for handling mailto: links from other sites. Similar support is available for other protocols (Web applications will have to first enable this by registering as handlers with Firefox).
· Download & Install Add-ons: the Add-ons Manager (Tools > Add-ons) can now be used to download and install a Firefox customization from the thousands of Add-ons available from our community add-ons website. When you first open the Add-ons Manager, a list of recommended Add-ons is shown.
· Easy to use Download Actions: a new Applications preferences pane provides a better UI for configuring handlers for various file types and protocol schemes.
· New graphics and font handling: new graphics and text rendering architectures in Gecko 1.9 provides rendering improvements in CSS, SVG as well as improved display of fonts with ligatures and complex scripts.
· Color management: (set gfx.color_management.enabled on in about:config and restart the browser to enable.) Firefox can now adjust images with embedded color profiles.
· Offline support: enables web applications to provide offline functionality (website authors must add support for offline browsing to their site for this feature to be available to users).
· A more complete overview of Firefox 3 for developers is available for website and add-on developers.
· Speed: improvements to our JavaScript engine as well as profile guided optimizations have resulted in continued improvements in performance. Compared to Firefox 2, web applications like Google Mail and Zoho Office run twice as fast in Firefox 3, and the popular SunSpider test from Apple shows improvements over previous releases.
· Memory usage: Several new technologies work together to reduce the amount of memory used by Firefox 3 over a web browsing session. Memory cycles are broken and collected by an automated cycle collector, a new memory allocator reduces fragmentation, hundreds of leaks have been fixed, and caching strategies have been tuned.
· Reliability: A user's bookmarks, history, cookies, and preferences are now stored in a transactionally secure database format which will prevent data loss even if their system crashes.
April 17th, 2008· Fixed: Crash in JavaScript garbage collector
March 26th, 2008· Fixed:XUL popup spoofing variant (cross-tab popups)
· Fixed: Java socket connection to any local port via LiveConnect
· Fixed: Privacy issue with SSL Client Authentication
· Fixed: HTTP Referrer spoofing with malformed URLs
· Fixed: Crashes with evidence of memory corruption (rv:1.8.1.13)
· Fixed: JavaScript privilege escalation and arbitrary code execution
March 11th, 2008· Firefox 3 Beta 4 includes more than 900 enhancements from the previous beta, including drastic improvements to performance and memory usage, as well as fixes for stability, platform enhancements and user interface improvements. Many of these improvements were based on community feedback from the previous beta.
February 8th, 2008Fixed in Firefox 2.0.0.12:
· MFSA 2008-11 Web forgery overwrite with div overlay
· MFSA 2008-10 URL token stealing via stylesheet redirect
· MFSA 2008-09 Mishandling of locally-saved plain text files
· MFSA 2008-08 File action dialog tampering
· MFSA 2008-06 Web browsing history and forward navigation stealing
· MFSA 2008-05 Directory traversal via chrome: URI
· MFSA 2008-04 Stored password corruption
· MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution
· MFSA 2008-02 Multiple file input focus stealing vulnerabilities
· MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12)
February 4th, 2008· Fixed a bug introduced by the 2.0.0.10 update in the feature that affected some web pages and extensions. There were no security-related fixes in this release.
November 27th, 2007Fixed in Firefox 2.0.0.10:
· MFSA 2007-39 Referer-spoofing via window.location race condition.
· MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10).
· MFSA 2007-37 jar: URI scheme XSS hazard.
September 19th, 2007· The following security issue was fixed: MFSA 2007-28 Code execution via QuickTime Media-link files.
Find us on Google+
