A new version of Firefox was announced yesterday by Mozilla. Yes, you read that correctly: a post on the Mozilla blog announced new versions of Firefox for all platforms. Of course, the announcement doesn’t mention the new version number, and it doesn’t provide any details, it just points to the release notes. Still, it’s progress!

According to the release notes for Firefox 37.0, the new version includes several changes related to security, including ‘improved protection against site impersonation’, and several fixes related to recently-discovered TLS vulnerabilities. WebGL rendering performance on Windows was improved. HTML5 support was also enhanced.

According to the Firefox Security Advisories page, at least 13 security vulnerabilities were fixed in Firefox 37.0.

Update: As of April 1 at 6:53am PST, the version of Firefox I’m currently using (36.0.4) is telling me that ‘Firefox is up to date’. It looks like someone may have forgotten a step when publishing version 37.0. Presumably this will be resolved shortly. If I visit the main Firefox download page, it tells me I’m using an older version of Firefox, and the download link definitely goes to Firefox 37.0.

Update 2015Apr02: According to sources on the official Firefox IRC channel, auto-updates for version 37 have been suspended while the developers look into a crashing problem being reported by some Windows 8 users.

The latest version of Firefox is 36.0.4. It was released on March 21 in response to a successful hack against the browser at the recent Pwn2Own contest. The Security Advisories page describes the vulnerability as Privilege escalation through SVG navigation.

In related news, all four of the major web browsers were successfully hacked at Pwn2Own.

Two security vulnerabilities, discovered at the HP Zero Day Initiative Pwn2Own contest, have been fixed in Firefox 36.0.3.

As usual, there was no proper announcement for the new version. The release notes for 36.0.3 include changes made in previous versions, as you can see by comparing them to the release notes for 36.0.1. At least the changes specific to 36.0.3 are flagged as such.

The Security Advisories (aka Known Vulnerabilities) page now has a section for each version; the most recent changes are listed under the heading ‘Fixed in Firefox 36.0.3’.

Mozilla quietly slipped a new version of Firefox to the public yesterday. Firefox 36.0 fixes at least 17 security issues, adds more HTML5 compatibility, and adds HTTP/2 functionality to the browser.

As usual, I learned about the new version from a non-Mozilla source, this time a post on the CERT alerts blog. There was no announcement at all on the Mozilla blog.

The release notes and security advisories (aka known vulnerabilities) pages provide additional details on the new release.

Update 2015Feb25: I did receive an email alert from Mozilla that could conceivably be considered an announcement for the new version. The Firefox download page includes a ‘Get Firefox news’ signup form, and I was able to confirm the email I received was sent via this mechnism. Sounds good, right? Not really. The email talks exclusively about Firefox’s new(ish) ‘Hello’ chat feature. It never mentions anything about a new version, or even the version in which ‘Hello’ first appeared. It only says that if you want to try it, you should install the latest version of Firefox.

A new version of Firefox was released by Mozilla yesterday. Version 35.0.1 includes fixes for various crashing and security issues.

There was no announcement from Mozilla for Firefox 35.0.1. As usual, I learned of the new release from non-Mozilla web sites. The struggle continues.

Although there have been some improvements to the release notes for Firefox, it’s still often difficult to determine whether the items listed changed in the version being discussed, or in a previous version. For instance, while all the items at the top of the list marked as ‘Fixed’ also refer to version 35.0.1, nothing else on the list refers to a specific version. Many of those items do in fact look like they are related to Firefox 35.0. There’s a link to ‘various security issues‘, but again it’s not clear what on that list is specific to version 35.0.1.

The ‘complete list of changes‘ link to Bugzilla is still not much help.

The latest version of Firefox fixes several security issues and other bugs. Firefox 35 also includes improvements to the new search interface and the built-in ‘Hello’ chat feature.

Anyone who uses Firefox should install the new version as soon as possible.

Firefox 34.0 was released on December 1. The new version includes some security fixes, improves the search bar, and makes switching between profiles a bit easier.

As usual, there was no announcement for this version, despite Mozilla staffers telling me that major releases always get proper announcements on the Mozilla blog.

Further confusing things is a release notes page for version 34.0.5, linked from the main release notes page, that looks almost identical to the page for 34.0. Worse still, Firefox itself won’t update to 34.0.5, and the Firefox download page assures me that I’m running the latest version (that version being 34.0).

Is it just me, or is Mozilla getting worse at this stuff?

Update 2014Dec05: Apparently version 34.0.5 is somehow seen as optional. For whatever reason, the automatic updater and the download page see 34.0 and 34.0.5 as equivalent. The only way to upgrade from 34.0 to 34.0.5 is to download 34.0.5 from the ‘Download a fresh copy‘ page and install it on top of version 34.0.

Update 2014Dec08: Since the only difference between 34.0 and 34.0.5 is the default search provider, and that change only affects users in the US, it seems reasonable to assume that the Firefox download page (as well as Firefox’s self-updater) will only suggest 34.0.5 if you are in the US. My own tests were inconclusive.