Mozilla Foundation released an updated version of their flagship browser Mozilla Firefox to version 3.5.4. Mozilla Firefox 3.5.4 update fixed the following issues. As we have noted in the past, Firefox is a buggy web browser and since 3.5.2, we have dropped it in the list of free softwares in our computer. It may sound harsh a bit but we were fed up with Mozilla’s inability to improve Firefox. Bugs, errors and frequent crashing were common scenarios and millions of users did not like the way it loads pages. Problems with Firefox 3.5.4 though have been identified as early as now despite the manufacturer’s attempt to address many of the identified bugs in previous versions.
Several security issues addressed in the new Firefox 3.5.4 update are:
1. MFSA 2009-64 Crashes with evidence of memory corruption (rv:22.214.171.124/ 126.96.36.199)
2. MFSA 2009-63 Upgrade media libraries to fix memory safety bugs
3. MFSA 2009-62 Download filename spoofing with RTL override
4. MFSA 2009-61 Cross-origin data theft through document.getSelection()
5. MFSA 2009-59 Heap buffer overflow in string to number conversion
6. MFSA 2009-57 Chrome privilege escalation in XPCVariant::VariantDataToJS()
7. MFSA 2009-56 Heap buffer overflow in GIF color map parser
8. MFSA 2009-55 Crash in proxy auto-configuration regexp parsing
9. MFSA 2009-54 Crash with recursive web-worker calls
10. MFSA 2009-53 Local downloaded file tampering
11. MFSA 2009-52 Form history vulnerable to stealing
Other Important Bug Fixes in Mozilla Firefox 3.5.4 include:
- Fixed several stability issues.
- Added the ability to re-submit crash reports.
- After using Clear Recent History some SSL sites would not load all images and styles without pressing reload.
Some bugs are here to stay until further fixes:
- Restoring your bookmarks from a backup can take some time, during which the browser may seem unresponsive
- Firefox 3.5 will only support color profiles as specified by ICC v2, later versions will add support for ICC v4
- Websites using the new downloadable font support that wish to change the color using :hover will also need to add text-rendering : optimizeLegibility for font sizes less than 20 pixels
- Some sites with Flash can cause problems with the Cookies dialog
- Web pages can no longer automatically install PKCS11 cryptographic tokens. Users are now required to do this manually or install an Add-on that installs them.
Microsoft Windows (XP, Vista and we will assume Windows 7 Ultimate, Home Premium and Professional versions)
If you select Fax from the Print Dialog, the Windows Fax dialog will appear and then disappear. Faxing still works from other applications.
Mac OS X
If the user repeatedly changes the paper size and asks for a Print Preview, Firefox may crash.
Linux and Unix Systems
- Zooming out on some sites may result in grey or black lines appearing.
- If any of the bugs gets in your way, you might consider using other browsers for the mean time. We suggest Opera 10 and Flock 2.5.2 (a relative of Firefox for using the same engine).