Risk
1/11/2010
02:14 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Firefox 3.6 Release Candidate Available

After being delayed last month, Firefox 3.6 is almost ready.

Mozilla on Sunday said that the Firefox 3.6 release candidate is now available for downloading.

Release candidate builds are supposed to be less buggy than beta builds but may have a few lingering compatibility and stability issues.

Firefox 3.6, an update from the current stable version 3.5.7, was suppose to be made available in Q4 2009, but Mozilla pushed back its target release date last month.

The next major Firefox release, version 4.0, was also pushed back until late 2010 or early 2011, with a beta due this summer.

Firefox 4.0 includes a project called Electrolysis, which will launch each tab window under a separate process, an innovation that first appeared in Google Chrome. This will help make Firefox more secure and more stable. Firefox 4.0 may also bring user interface changes.

Mozilla faces a rising challenge from Google Chrome, which by NetApplications' measure last month passed Apple's Safari browser in global market share. That challenge is magnified by the increasing importance of Web browsing on mobile devices, where Firefox is not as well-established as it is on the desktop and is unavailable on devices like the iPhone.

Nonetheless, Firefox's growth appears to be healthy. "In the 4 months leading up to the holiday season, Firefox added 22.8 million active daily users," said Mozilla's "analytics guru" Blake Cutler in a blog post on Friday. "During that same period last year, Firefox added 16.4 million users."

The official release of Firefox 3.6 should happen before the end of the month, assuming no show-stopping bugs are found in the release candidate.

Version 3.6 allows users to change the way Firefox looks, thanks to built-in support for Personas, a Mozilla project that allows easy customization of the browser's appearance.

It features improved JavaScript performance, automatic detection of outdated plugins, a "full screen" menu option for videos embedded using the HTML5 video tag, support for location-aware browsing on some laptops and mobile devices, and support for the the Web Open Font Format, known as WOFF.

Firefox 3.6 will no longer load third-party components installed in its internal components directory, a change that promotes stability and security. It also introduces support for a number of new features for Web developers, such as the ability to detect device orientation and accelerometer support in Mac laptops.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1544
Published: 2014-07-23
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger cer...

CVE-2014-1547
Published: 2014-07-23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1548
Published: 2014-07-23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1549
Published: 2014-07-23
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and applica...

CVE-2014-1550
Published: 2014-07-23
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.