Opened 9 years ago
Closed 9 years ago
#6583 closed enhancement (fixed)
firefox-39.0
Reported by: | Fernando de Oliveira | Owned by: | |
---|---|---|---|
Priority: | high | Milestone: | 7.8 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description (last modified by )
https://ftp.mozilla.org/pub/firefox/releases/39.0/source/firefox-39.0.source.tar.bz2
https://ftp.mozilla.org/pub/firefox/releases/39.0/MD5SUMS
md5sum: 34d9841bc9b8a85aaf06e311cf1cb263
https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox39
Fixed in Firefox 39 • Critical 2015-66 Vulnerabilities found through code inspection 2015-65 Use-after-free in workers while using XMLHttpRequest 2015-63 Use-after-free in Content Policy due to microtask execution error 2015-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1) • High 2015-69 Privilege escalation in PDF.js 2015-61 Type confusion in Indexed Database Manager • Moderate 2015-71 NSS incorrectly permits skipping of ServerKeyExchange 2015-70 NSS accepts export-length DHE keys with regular DHE cipher suites 2015-67 Key pinning is ignored when overridable errors are encountered 2015-64 ECDSA signature validation fails to handle some signatures correctly 2015-62 Out-of-bound read while computing an oscillator rendering range in Web Audio 2015-60 Local files or privileged URLs in pages can be opened into new tabs • Low 2015-68 OS X crash reports may contain entered key press information
https://www.mozilla.org/en-US/firefox/39.0/releasenotes/
What’s New • New Share Hello URLs with social networks Project Silk: Smoother animation and scrolling (Mac OS X) Support for 'switch' role in ARIA 1.1 (web accessibility) SafeBrowsing malware detection lookups enabled for downloads (Mac OS X and Linux) Support for new Unicode 8.0 skin tone emoji • Changed Removed support for insecure SSLv3 for network communications Disable use of RC4 except for temporarily whitelisted hosts The malware detection service for downloads now covers common Mac file types (Bug 1138721) Performance of displaying dashed lines is improved (Mac OS X) (Bug 1123019) • HTML5 List-style-type now accepts a string value Enable the Fetch API for network requests from dedicated, shared and service workers Cascading of CSS transitions and animations now matches the current spec Implement <link rel="preconnect">allowing anticipation of a future connection without revealing any information Added support for CSS Scroll Snap Points • Developer Drag and drop enabled for nodes in Inspector markup view Webconsole input history persists even after closing the toolbox Cubic bezier tooltip now shows a gallery of timing-function presets for use with CSS animations localhost is now available offline for WebSocket connections • Fixed Improve performance for IPv6 fallback to IPv4 Fix incomplete downloads being marked as complete by detecting broken HTTP1.1 transfers The Security state indicator on a page now correctly ignores loads caused by previous pages Fixed an issue where a Hello conversation window would sometimes fail to open A regression that could lead to Flash not displaying has been fixed Update to NSS 3.19.2 Various security fixes
Change History (6)
comment:1 by , 9 years ago
comment:2 by , 9 years ago
Description: | modified (diff) |
---|---|
Milestone: | 7.8 → hold |
Summary: | firefox-38.0.6 → firefox-38.0.6 (place holder) |
comment:4 by , 9 years ago
Description: | modified (diff) |
---|---|
Milestone: | hold → 7.8 |
Priority: | normal → high |
Summary: | firefox-38.0.6 (place holder) → firefox-39.0 |
Now 39.0.
comment:5 by , 9 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
Note:
See TracTickets
for help on using tickets.
That link for releasenotes
Spent some time trying to understand, but still a mystery...
I've seen discussions, apparently this was a released mistake or for special purpose.
But it will be always picked by the BLFS Package Currency Check.
Think we should change this to hold.