Opened 6 years ago

Closed 6 years ago

#6583 closed enhancement (fixed)

firefox-39.0

Reported by: Fernando de Oliveira Owned by: bdubbs@…
Priority: high Milestone: 7.8
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description (last modified by Fernando de Oliveira)

https://ftp.mozilla.org/pub/firefox/releases/39.0/source/firefox-39.0.source.tar.bz2

https://ftp.mozilla.org/pub/firefox/releases/39.0/MD5SUMS

md5sum: 34d9841bc9b8a85aaf06e311cf1cb263

https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox39

 Fixed in Firefox 39

  • Critical
    2015-66 Vulnerabilities found through code inspection
    2015-65 Use-after-free in workers while using XMLHttpRequest
    2015-63 Use-after-free in Content Policy due to microtask execution
    error
    2015-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 /
    rv:38.1)

  • High
    2015-69 Privilege escalation in PDF.js
    2015-61 Type confusion in Indexed Database Manager

  • Moderate
    2015-71 NSS incorrectly permits skipping of ServerKeyExchange
    2015-70 NSS accepts export-length DHE keys with regular DHE cipher
    suites
    2015-67 Key pinning is ignored when overridable errors are
    encountered
    2015-64 ECDSA signature validation fails to handle some signatures
    correctly
    2015-62 Out-of-bound read while computing an oscillator rendering
    range in Web Audio
    2015-60 Local files or privileged URLs in pages can be opened into
    new tabs

  • Low
    2015-68 OS X crash reports may contain entered key press information

https://www.mozilla.org/en-US/firefox/39.0/releasenotes/

What’s New

  • New
    Share Hello URLs with social networks
    Project Silk: Smoother animation and scrolling (Mac OS X)
    Support for 'switch' role in ARIA 1.1 (web accessibility)
    SafeBrowsing malware detection lookups enabled for downloads (Mac OS
    X and Linux)
    Support for new Unicode 8.0 skin tone emoji

  • Changed
    Removed support for insecure SSLv3 for network communications
    Disable use of RC4 except for temporarily whitelisted hosts
    The malware detection service for downloads now covers common Mac
    file types (Bug 1138721)
    Performance of displaying dashed lines is improved (Mac OS X) (Bug
    1123019)

  • HTML5
    List-style-type now accepts a string value
    Enable the Fetch API for network requests from dedicated, shared and
    service workers
    Cascading of CSS transitions and animations now matches the current
    spec
    Implement <link rel="preconnect">allowing anticipation of a future
    connection without revealing any information
    Added support for CSS Scroll Snap Points

  • Developer
    Drag and drop enabled for nodes in Inspector markup view
    Webconsole input history persists even after closing the toolbox
    Cubic bezier tooltip now shows a gallery of timing-function presets
    for use with CSS animations
    localhost is now available offline for WebSocket connections

  • Fixed
    Improve performance for IPv6 fallback to IPv4
    Fix incomplete downloads being marked as complete by detecting
    broken HTTP1.1 transfers
    The Security state indicator on a page now correctly ignores loads
    caused by previous pages
    Fixed an issue where a Hello conversation window would sometimes
    fail to open
    A regression that could lead to Flash not displaying has been fixed
    Update to NSS 3.19.2
    Various security fixes

Change History (6)

comment:1 by Fernando de Oliveira, 6 years ago

That link for releasenotes

404: Page Not Found — Mozilla

Spent some time trying to understand, but still a mystery...

I've seen discussions, apparently this was a released mistake or for special purpose.

But it will be always picked by the BLFS Package Currency Check.

Think we should change this to hold.

comment:2 by Fernando de Oliveira, 6 years ago

Description: modified (diff)
Milestone: 7.8hold
Summary: firefox-38.0.6firefox-38.0.6 (place holder)

comment:4 by Fernando de Oliveira, 6 years ago

Description: modified (diff)
Milestone: hold7.8
Priority: normalhigh
Summary: firefox-38.0.6 (place holder)firefox-39.0

Now 39.0.

comment:5 by bdubbs@…, 6 years ago

Owner: changed from blfs-book@… to bdubbs@…
Status: newassigned

comment:6 by bdubbs@…, 6 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 16214.

Note: See TracTickets for help on using tickets.