There was yet another stealth release of Firefox yesterday. Version 28 was not announced on any of the myriad Mozilla blogs. I only discovered it because of release announcements on CERT and SANS blogs.

According to SANS, at least some of the security fixes in Firefox 28 are the result of successful hacks at the recent Pwn2Own contest. There’s a full list of the security fixes in this version at the top of the ‘Known Vulnerabilities‘ (aka ‘Security Advisories for Firefox’) page for Firefox.

The official release notes page for version 28 shows no improvement over previous release notes pages. But it does list the changes in the latest version, none of which are worthy of note.

Aside: I recently submitted two bugs to the Mozilla bug tracking system for Firefox. Bug #973330 is about the lack of proper announcements for new Firefox versions. Bug #973335 covers the many issues with the release notes pages for Firefox. So far the responses from Mozilla workers have not been encouraging.