196 replies to this topic

[AplusWebMaster]

FYI...

Firefox 58.0 released

Start Firefox, then >Help >About >Apply Update ...
-or-
Download: https://www.mozilla....US/firefox/all/

> https://www.mozilla....0/releasenotes/
Jan 23, 2018
New: Performance improvements, including:
        Rendering graphics for Windows users by using Off-Main-Thread Painting (OMTP)
        Loading pages faster by changing how Firefox caches and retrieves JavaScript
    Improvements to Firefox Screenshots:
        Copy and paste screenshots directly to your clipboard
        Firefox Screenshots now works in Private Browsing mode
    Added Nepali (ne-NP) locale
    In case you missed it—57 Release privacy and performance feature:
    Users can enable Tracking Protection at all times. Learn how to turn Tracking Protection on.
Fixed:
    Fonts installed in non-standard directories will no longer appear blank for Linux users
    Various security fixes*
Changed:
    User profiles created in Firefox 58 (and in future releases) are not supported in previous versions of Firefox. Users who downgrade to a previous version should create a new profile for that version. Learn about alternatives to downgrading on our support site.
    Added a warning to alert users and site owners of planned security changes to sites affected by the gradual distrust plan for the Symantec certificate authority

* https://www.mozilla....efox/#firefox58
...
- https://www.mozilla....es/mfsa2018-02/
CVE-2018-5091: Use-after-free with DTMF timers
Critical
CVE-2018-5090: Memory safety bugs fixed in Firefox 58
Critical
CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
Critical
___

Firefox ESR 52.6 released

Start Firefox, then >Help >About >Apply Update ...
-or-
Download: https://www.mozilla....anizations/all/

Release notes: https://www.mozilla....0/releasenotes/
Jan 23, 2018
    Various stability and regression fixes
    Various security fixes*
* https://www.mozilla....#firefoxesr52.6
...
- https://www.mozilla....es/mfsa2018-03/
CVE-2018-5091: Use-after-free with DTMF timers
Critical
CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
Critical
___

- https://www.us-cert....ecurity-Updates
Jan 23, 2018
 

[AplusWebMaster]

FYI...

Firefox 58.0.1 released

Start Firefox, then >Help >About >Apply Update ...
-or-
Download: https://www.mozilla....US/firefox/all/

> https://www.mozilla....1/releasenotes/
Jan 29, 2018
Fixed:
 Security fix: When using certain non-default security policies on Windows (for example with Windows Defender Exploit

Protection or Webroot security products), Firefox 58.0 would fail to load pages (bug 1433065).

- https://www.mozilla....es/mfsa2018-05/
Jan 29, 2018
Critical
Fixed in: Firefox 58.0.1
 This issue did not affect Firefox for Android or Firefox 52 ESR.
References: Sanitize HTML fragments created for chrome-privileged documents (CVE-2018-5124)
___

- https://www.us-cert....-Update-Firefox
Jan 30, 2018
___

- https://www.security....com/id/1040308
CVE Reference: CVE-2018-5124
Jan 30 2018
Fix Available:  Yes  Vendor Confirmed:  Yes  
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (58.0.1).
 

Edited by AplusWebMaster, 02 February 2018 - 07:17 AM.