Language Selection

English French German Italian Portuguese Spanish

Mozilla Updates Firefox 24 With 17 Security Advisories

Filed under
Moz/FF

The latest open-source Firefox browser release adds new user features and patches critical security vulnerabilities.

Mozilla on Sept. 17 released its latest open-source Firefox browser update for both Android as well as desktop versions for Windows, Mac and Linux operating systems. The Firefox 24 release is light on new user-facing features and heavy on security fixes, providing 17 security advisories, seven of which Mozilla has rated "critical."

Among the critical vulnerabilities that Mozilla is fixing in Firefox 24 are a number of memory safety related security issues.

"Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products," the Mozilla Foundation Security Advisory (MFSA) 2013-76 states. "Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code."

rest here

release notes, download




More in Tux Machines

Devices: Aaeon, Corvalent, and Renesas Electronics

Red Hat and Servers: India, China, Docker and Kubernetes

GNOME: LVFS and Epiphany

  • Richard Hughes: Shaking the tin for LVFS: Asking for donations!
    Nearly 100 million files are downloaded from the LVFS every month, the majority being metadata to know what updates are available. Although each metadata file is very small it still adds up to over 1TB in transfered bytes per month. Amazon has kindly given the LVFS a 2000 USD per year open source grant which more than covers the hosting costs and any test EC2 instances. I really appreciate the donation from Amazon as it allows us to continue to grow, both with the number of Linux clients connecting every hour, and with the number of firmware files hosted. Before the grant sometimes Red Hat would pay the bandwidth bill, and other times it was just paid out my own pocket, so the grant does mean a lot to me. Amazon seemed very friendly towards this kind of open source shared infrastructure, so kudos to them for that. At the moment the secure part of the LVFS is hosted in a dedicated Scaleway instance, so any additional donations would be spent on paying this small bill and perhaps more importantly buying some (2nd hand?) hardware to include as part of our release-time QA checks.
  • Epiphany 3.28 Development Kicks Off With Safe Browsing, Better Flatpak Handling
    Epiphany 3.27.1 was released a short time ago as the first development release of this web-browser for the GNOME 3.28 cycle. For being early in the development cycle there is already a fair number of improvements with Epiphany 3.27.1. Some of the highlights include Google Safe Browsing support, a new address bar dropdown powered by libdazzle, and improvements to the Flatpak support.
  • Safe Browsing in Epiphany
    I am pleased to announce that Epiphany users will now benefit from a safe browsing support which is capable to detect and alert users whenever they are visiting a potential malicious website. This feature will be shipped in GNOME 3.28, but those who don’t wish to wait that long can go ahead and build Epiphany from master to benefit from it. The safe browsing support is enabled by default in Epiphany, but you can always disable it from the preferences dialog by toggling the checkbox under General -> Web Content -> Try to block dangerous websites.

today's howtos