Context Navigation

← Previous Change
Ticket History
Next Change →

Changes between Version 2 and Version 4 of Ticket #6583

Timestamp:: 07/03/2015 10:16:30 AM (9 years ago)
Author:: Fernando de Oliveira
Comment:: Now 39.0.

Legend:

: Unmodified
: Added
: Removed
: Modified

Ticket #6583
- Property Milestone hold → 7.8
- Property Summary firefox-38.0.6 (place holder) → firefox-39.0
- Property Priority normal → high

Ticket #6583 – Description

-              v2
+              v4
+[https://ftp.mozilla.org/pub/firefox/releases/39.0/source/firefox-39.0.source.tar.bz2]
+== Wait for next ''regular'' release (see #comment:1). ==
+[https://ftp.mozilla.org/pub/firefox/releases/39.0/MD5SUMS]
+md5sum: 34d9841bc9b8a85aaf06e311cf1cb263
 [https://ftp.mozilla.org/pub/firefox/releases/38.0.6/source/firefox-38.0.6.source.tar.bz2]
+[https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox39]
+[https://ftp.mozilla.org/pub/firefox/releases/38.0.6/MD5SUMS]
+{{{
+ Fixed in Firefox 39
+md5sum: 4dabcc02d89757d1bf92b9d40a6070a1
+  • Critical
+-66 Vulnerabilities found through code inspection
+-65 Use-after-free in workers while using XMLHttpRequest
+-63 Use-after-free in Content Policy due to microtask execution
+    error
+-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 /
+    rv:38.1)
+[https://www.mozilla.org/en-US/firefox/38.0.6/releasenotes/]
+  • High
+-69 Privilege escalation in PDF.js
+-61 Type confusion in Indexed Database Manager
+Notes not yet available.
+  • Moderate
+-71 NSS incorrectly permits skipping of ServerKeyExchange
+-70 NSS accepts export-length DHE keys with regular DHE cipher
+    suites
+-67 Key pinning is ignored when overridable errors are
+    encountered
+-64 ECDSA signature validation fails to handle some signatures
+    correctly
+-62 Out-of-bound read while computing an oscillator rendering
+    range in Web Audio
+-60 Local files or privileged URLs in pages can be opened into
+    new tabs
+  • Low
+-68 OS X crash reports may contain entered key press information
+}}}
+[https://www.mozilla.org/en-US/firefox/39.0/releasenotes/]
+{{{
+What’s New
+  • New
+    Share Hello URLs with social networks
+    Project Silk: Smoother animation and scrolling (Mac OS X)
+    Support for 'switch' role in ARIA 1.1 (web accessibility)
+    SafeBrowsing malware detection lookups enabled for downloads (Mac OS
+    X and Linux)
+    Support for new Unicode 8.0 skin tone emoji
+  • Changed
+    Removed support for insecure SSLv3 for network communications
+    Disable use of RC4 except for temporarily whitelisted hosts
+    The malware detection service for downloads now covers common Mac
+    file types (Bug 1138721)
+    Performance of displaying dashed lines is improved (Mac OS X) (Bug
+    1123019)
+  • HTML5
+    List-style-type now accepts a string value
+    Enable the Fetch API for network requests from dedicated, shared and
+    service workers
+    Cascading of CSS transitions and animations now matches the current
+    spec
+    Implement <link rel="preconnect">allowing anticipation of a future
+    connection without revealing any information
+    Added support for CSS Scroll Snap Points
+  • Developer
+    Drag and drop enabled for nodes in Inspector markup view
+    Webconsole input history persists even after closing the toolbox
+    Cubic bezier tooltip now shows a gallery of timing-function presets
+    for use with CSS animations
+    localhost is now available offline for WebSocket connections
+  • Fixed
+    Improve performance for IPv6 fallback to IPv4
+    Fix incomplete downloads being marked as complete by detecting
+    broken HTTP1.1 transfers
+    The Security state indicator on a page now correctly ignores loads
+    caused by previous pages
+    Fixed an issue where a Hello conversation window would sometimes
+    fail to open
+    A regression that could lead to Flash not displaying has been fixed
+    Update to NSS 3.19.2
+    Various security fixes
+}}}