Context Navigation

← Previous Ticket
Next Ticket →

#6801 closed enhancement (fixed)

firefox-40.0

Reported by:	bdubbs@…	Owned by:	Fernando de Oliveira
Priority:	high	Milestone:	7.8
Component:	BOOK	Version:	SVN
Severity:	normal	Keywords:
Cc:

Description (last modified by Fernando de Oliveira) ¶

https://ftp.mozilla.org/pub/firefox/releases/40.0/source/firefox-40.0.source.tar.bz2

https://ftp.mozilla.org/pub/firefox/releases/40.0/MD5SUMS

md5sum: 62b9e6a4a46874a0be523fe41d3176e2

Bruce will probably be interested:

◦ New rules view tooltip in the Inspector to tweak CSS Filter values

https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0

• Security Advisories for Firefox ¶

Sorted by Impact key level, not original time stamp order.

Fixed in Firefox 40

• Critical
   ◦ 2015-89 Buffer overflows on Libvpx when decoding WebM video
   ◦ 2015-83 Overflow issues in libstagefright
   ◦ 2015-81 Use-after-free in MediaStream playback
   ◦ 2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)

• High
   ◦ 2015-92 Use-after-free in XMLHttpRequest with shared workers
   ◦ 2015-90 Vulnerabilities found through code inspection
   ◦ 2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images
   ◦ 2015-85 Out-of-bounds write with Updater and malicious MAR file
   ◦ 2015-84 Arbitrary file overwriting through Mozilla Maintenance
     Service with hard links
   ◦ 2015-82 Redefinition of non-configurable JavaScript object
     properties
   ◦ 2015-80 Out-of-bounds read with malformed MP3 file

• Moderate
   ◦ 2015-91 Mozilla Content Security Policy allows for asterisk
     wildcards in violation of CSP specification
   ◦ 2015-87 Crash when using shared memory in JavaScript

• Low
   ◦ 2015-86 Feed protocol with POST bypasses mixed content protections

https://www.mozilla.org/en-US/firefox/40.0/releasenotes/

• Release Notes ¶

Firefox Notes
Version 40.0, first offered to Release channel users on August 11, 2015

What’s New

• New

  ◦ Support for Windows 10
  ◦ Added protection against unwanted software downloads
  ◦ User can receive suggested tiles in the new tab page based on
    categories Firefox matches to browsing history (en-US only).
  ◦ Hello allows adding a link to conversations to provide context on
    what the conversation will be about
  ◦ New style for add-on manager based on the in-content preferences
    style
  ◦ Improved scrolling, graphics, and video playback performance with
    off main thread compositing (GNU/Linux only)
  ◦ Graphic blocklist mechanism improved: Firefox version ranges can be
    specified, limiting the number of devices blocked

• Changed

  ◦ Add-on extensions that are not signed by Mozilla will display a
    warning
  ◦ NPAPI Plug-in performance improved via asynchronous initialization
  ◦ Smoother animation and scrolling with hardware vsync (Windows only)
  ◦ JPEG images use less memory when scaled and can be painted faster
  ◦ Sub-resources can no longer request HTTP authentication, thus
    protecting users from inadvertently disclosing login data

• HTML5

  ◦ IndexedDB transactions are now non-durable by default
  ◦ Implemented AudioBufferSourceNode.detune to modulate playback rate
    in cents, a logarithmic unit of measure used for musical intervals

• Developer

  ◦ Improved Performance tools in the developer tools: Waterfall view,
    Call Tree view and a Flame Chart view
  ◦ New rules view tooltip in the Inspector to tweak CSS Filter values
  ◦ Console API messages from SharedWorker and ServiceWorker are now
    displayed in web console
  ◦ New page ruler highlighting tool that displays lightweight
    horizontal and vertical rules on a page
  ◦ Inspector now searches across all content frames in a page

• Fixed

  ◦ Kannada text does not display properly in built-in pdf viewer

Change History (3)

comment:1 by Fernando de Oliveira, 10 years ago

Description:	modified (diff)
Owner:	changed from blfs-book@… to Fernando de Oliveira
Priority:	normal → high
Status:	new → assigned

Starting late today. Was fixing a problem in a very important VM.

comment:2 by Fernando de Oliveira, 10 years ago

Resolution:	→ fixed
Status:	assigned → closed

Update to firefox-40.0.
Update to gnutls-3.4.4.1.
Update to openssh-7.0p1 and ssh-askpass-7.0p1.
SoundTouch-1.9.0: typo and add short description.
GTK+-2.24.28: reformat commands to decrease width. I'm

doing this systematically, due to discussions about (B)LFS format changes and reading (B)LFS in new small screen devices. Now, 80 is maximum, but 60 is a better target, when possible.

Fixed at r16341.

comment:3 by Fernando de Oliveira, 10 years ago

Description:	modified (diff)

I have modified the Description, now that all info is available for 40.0, including Security Advisories for Firefox.

Motivated also by the thread on -dev about crashes, which I will rply better today.

Starting late the once again: today, problem was my internet provider was down.

The release notes are the same for beta.

Apologies, because I forgot the Security Advisories for Firefox, yesterday.

Thanks to Ken, for reminding me.

Note: See TracTickets for help on using tickets.

Download in other formats: