Mozilla

The H-Online: Opera has published a development snapshot of version 12 of its web browser that adds support for Mozilla’s “Do Not Track” (DNT) header. Code-named “Wahoo”, the unstable release is the first from Opera to support the DNT header, which signals web sites that the browser user wishes to opt-out of online behavioral tracking; online advertising networks use cookies and other web technologies to recognize internet users and serve them tailored advertising. Support for DNT in Opera 12 is currently disabled by default. Users can enable it in the preferences dialogue by selecting “Preferences > Advanced > Security > Ask websites not to track me”. ...

The H-Online: Mozilla has released Firefox 10.0.1, Firefox ESR 10.0.1, Thunderbird 10.0.1, Thunderbird ESR 10.0.1 and SeaMonkey 2.7.1 to fix a single critical security hole in the browsers and mail clients which appeared in version 10. The security advisory says that versions previous to Firefox 10, Thunderbird 10 and SeaMonkey 2.7 are unaffected by the use after free problem. The problem was discovered by Mozilla developers and causes a “potentially exploitable” crash in nsXBLDocumentInfo::ReadPrototypeBindings. Updates are available through Firefox, Thunderbird and SeaMonkey’s automatic update system and can be made to install by bringing up the “About” dialogue for the relevant application and selecting the “Apply Upgrade” button when it appears. Firefox and Thunderbird 10 were released at the end of January. ...

gHacks: Mozilla, developers of the popular Firefox web browser, have just released an update for the browser’s stable branch that moves the version to 10.0.1. The release may come as a surprise to users of Firefox 10, who were updated to that version only ten days ago. This is not the first occurrence that a critical update is released shortly after a major version upgrade of the web browser. Similar updates had to be delivered after the release of Firefox 9 and Firefox 8. ...

The H-Security: Following the release of new versions of its open source Firefox web browser, Thunderbird email client and SeaMonkey suite, Mozilla has detailed the security fixes included in each of the updates. According to the project’s Security Center page for Firefox, version 10.0 closes a total of 8 security holes in the browser, 5 of which are rated as “Critical” by Mozilla. The critical issues include an exploitable crash when processing a malformed embedded XSLT stylesheet, potential memory corruption when decoding Ogg Vorbis files, XPConnect security checks being bypassed by frame scripts, a use after free error in child nodes from nsDOMAttribute and various memory safety hazards. These vulnerabilities could be exploited remotely by an attacker to, for example, execute arbitrary code on a victim’s system. ...

Protect the Internet Help us stop the Internet Blacklist Legislation Mozilla: On November 16th, Congress holds hearings on the first American Internet censorship system. This bill can pass. If it does, the Internet and free speech will never be the same. Join us to stop this bill. Why? A few infringing links are enough to justify censoring an entire site, blocking good content along with the bad. ...

mozillalinks.org: Do you need the forward button? Most likely yes, but it is rarely used compared to the back button, which is the single most used widget in any browser user interface. So it doesn’t make sense to keep it present at all times, stealing focus from its helpful neighbor. To address this, current Firefox nightlies feature the forward button as optional. If there is nowhere to go further, the button is hidden instead of just disabled as shown in the screenshot below. ...

Mozilla Security Blog: Mozilla just released an update to Firefox for Desktop, Thunderbird and SeaMonkey. Updates are now available for: Firefox for Windows, Mac and Linux (final release) Firefox for Windows, Mac and Linux (3.6.21 final release) Firefox Aurora for Windows, Mac and Linux Firefox Nightly for Windows, Mac and Linux SeaMonkey (2.3.2) Thunderbird (6.0.1) We strongly recommend that all users upgrade to these releases. If you already have Firefox, you will receive an automated update notification within 24 to 48 hours. Users can also manually check for updates if they do not want to wait for the automatic update. ...

gHacks: One “by-product” of the rapid release cycle of the Firefox web browser is the version number increase that goes along with every new release of the web browser. Firefox this year jumped from Firefox 3 all the way to the latest version Firefox 8, and we are not even at the end of the year. Mozilla interestingly enough plans to hide the version number in the Firefox web browser. Asa Dotzler added an entry to Bugzilla to remove the version of the browser from the about Window dialog in the browser. ...

Mashable: Firefox 6 isn’t scheduled to be released until Tuesday, but Mozilla has uploaded installation files to a FTP server for those who want to get their hands on the upgraded browser early. Although the new version doesn’t sport any major UI changes, the browser is reportedly 20% faster than Firefox 5. Startup time has been improved, especially for those with lots of tabs and groups. Users can now determine whether they want to load their tab groups when launching the browser, or load them within the Panorama grouping tool. ...

H-Online: Security specialist Sophos reports that it has discovered new spam email messages that claim to be an advisory related to an update to the open source Firefox web browser. The fake advisory asks users to update their Firefox installations, “for security reasons”, and includes a download link to the supposed update. According to Graham Cluley of Sophos, the download leads to an executable file that bundles an installer for the Windows version of Firefox 5.0.1 and a password-stealing trojan (Troj/PWS-BSF). As noted by Cluley, users should always exercise caution when clicking on links in emails. ...