Mozilla has released an update for the stable version of its Firefox web browser that brings the version of it to Firefox 49.0.2.
Firefox 49.0.2 is a bug fix and security release that fixes several issues in the browser, among them two that we talked about just yesterday.
The new version is already available, and users may want to run a manual check for updates to speed up the updating process. This goes especially for users who are affected by one or multiple of the bugs fixed in the new version.
Do the following to run a manual update check in Firefox:
- Tap on the Alt-key on the computer keyboard, and select Help > About Firefox from the menu.
This should open a small About Mozilla Firefox window on the screen that checks for updates automatically. Firefox should find the version 49.0.2 update for the browser, and either download and install it automatically, or suggest to do so.
The following issues are fixed in the new version: (here is the changelog link)
- Asynchronous plugin rendering for Flash is now enabled by default. This addresses performance issues and should reduce crashes when visiting sites that use Flash. (Bug 1307108)
- D3D9 fallback disabled if hardware acceleration is used to prevent graphical artifacts on the screen. (Bug 1306465)
- Fixed a network bug that prevented some Firefox users from seeing the user interface on start. (Bug 1305436)
- Fixed a compatibility issue that affected file uploads. (Bug 1306472)
- Fixed another issue affecting Array.prototype.values. (Bug 1299593)
- Fixed a canvas filters graphics issue in HTML5 apps. (Bug 1304539)
- Changed diagnostic information on timing for tab switching. (Bug 1304113)
Mozilla on top of that fixed several security vulnerabilities in Firefox 49.0.2.
CVE-2016-5287: Crash in nsTArray_base<T>::SwapArrayElements
A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49.
CVE-2016-5288: Web content can read cache entries
A Cliqz.com developer demonstrated that web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49.
The Android version has been updated as well to Firefox 49.0.2 for Android. It only got one of the fixes that dealt with compatibility issues with file uploads, and the security fixes.
Now You: Have you been affected by any of the issues?