Mozilla released Firefox 3.0.5 and your automatic update should have kicked in by now. This release is mainly focused on security and stability updates for the Firefox 3 release. You can find a list of security fixes at the end of this post.
In addition to the security fixes, the following updates are included in this release:
- Official releases for the Bengali, Esperanto, Galician, Hindi, and Latvian languages are now available.
- Replaced the End-User License Agreement with a new "Know Your Rights" info bar on initial install.
- When installing multiple signed XPIs simultaneously, previous versions of Firefox would fail.
- Fixed several issues found in the accessibility implementation.
- Added the ability to send OS-specific system notes in the crash reporter.
|MFSA 2008-60||Critical||Crashes with evidence of memory corruption (rv:184.108.40.206/220.127.116.11)|
|MFSA 2008-63||Low||User tracking via XUL persist attribute|
|MFSA 2008-64||Moderate||XMLHttpRequest 302 response disclosure|
|MFSA 2008-65||High||Cross-domain data theft via script redirect error message|
|MFSA 2008-66||Low||Errors parsing URLs with leading whitespace and control characters|
|MFSA 2008-67||Low||Escaped null characters ignored by CSS parser|
|MFSA 2008-69||Critical||XSS vulnerabilities in SessionStore|