Another new version of Firefox was made available by Mozilla on Thursday. This one seems to consist mostly of bug fixes, although some new functionality was added, including full support for HTTP/2. Compatibility with HTML5 was improved. The release notes claim there were also ‘various security fixes’ but the Security Advisories (aka Known Vulnerabilities) page doesn’t bear that out.
As usual, I learned about the new version from a source other than Mozilla, which is an ongoing source of frustration.
On March 3, Oracle announced a new version of Java 8, designated Update 40. This update includes a variety of improvements for stability and performance, but no security fixes.
A new version of Chrome was released on Tuesday. Version 41.0.2272.76 includes fixes for at least 51 security vulnerabilities, as well as a number of other fixes related to stability and performance.
Mozilla quietly slipped a new version of Firefox to the public yesterday. Firefox 36.0 fixes at least 17 security issues, adds more HTML5 compatibility, and adds HTTP/2 functionality to the browser.
Update 2015Feb25: I did receive an email alert from Mozilla that could conceivably be considered an announcement for the new version. The Firefox download page includes a ‘Get Firefox news’ signup form, and I was able to confirm the email I received was sent via this mechnism. Sounds good, right? Not really. The email talks exclusively about Firefox’s new(ish) ‘Hello’ chat feature. It never mentions anything about a new version, or even the version in which ‘Hello’ first appeared. It only says that if you want to try it, you should install the latest version of Firefox.
Google is getting increasingly sloppy with its release notes for Chrome. Will they clean up their act, or move even closer to the chaotic and confusing methods employed by Mozilla for Firefox?
A new version of WordPress, described as a maintenance release by the developers, was announced yesterday.
The new version includes fixes for several minor bugs, none of which are related to security. The announcement page includes a link to the list of tickets corresponding to the changes in this release.
WordPress sites that are configured for automatic updates should have the new version installed automatically over the next couple of days.
Microsoft has announced this month’s updates. There are nine bulletins and associated patches, addressing 56 vulnerabilities in Windows, Office and Internet Explorer. Three are flagged as Critical.
Recommendation: install these updates as soon as possible. At least one of them fixes a bug that’s currently being exploited in the wild.
The latest version of Chrome fixes eleven security issues. Version 40.0.2214.111 also includes the latest embedded version of Flash (16.0.0.305).
The release notes for Chrome 40.0.2214.111 describe some of the changes in the new version. There’s a link to the ‘full list of changes’, but since the linked page is an automated change log from the version management software Git, it’s aimed at developers and not much use for regular users. A link to ’11 security fixes’ currently displays an empty page.
In any case, since the new Chrome contains security fixes and the new Flash, anyone using the browser is strongly encouraged to allow Chrome to update itself before using it for web browsing.
To their credit, Adobe is reacting swiftly to the recent outbreak of critical vulnerabilities in Flash. They just released another new version (16.0.0.305) to address vulnerability CVE-2015-0313, which is being actively exploited on the Internet.
Anyone using Flash, especially in a web browser, should install the new version as soon as possible.
Internet Explorer for Windows 8.x and Google Chrome will see related updates in the very near future.
Another new version of Google’s web browser was announced on Friday. The release notes for version 40.0.2214.94 don’t provide any useful information on what’s different. There is only a link to the version control log entries for version 40.0.2214.94. And unfortunately, that log is both difficult to interpret (especially for non-technical folks) and extremely light on details. It looks like the new version fixes two minor issues, neither related to security.
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.
Close
Ad-blocker not detected
Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Learn more.
boot13