Firefox 3.5.4, released earlier this morning, is being called a security and stability update. It doesn’t add new features; instead, it addresses Firefox stability issues, fixes a few bugs (e.g. the ability to re-submit crash reports), and, most importantly, patches a group of security vulnerabilities.
Here are the security issues this version of Firefox patches:
– Crashes with evidence of memory corruption
– Upgrade media libraries to fix memory safety bugs
– Download filename spoofing with RTL override
– Cross-origin data theft through document.getSelection()
– Heap buffer overflow in string to number conversion
– Chrome privilege escalation in XPCVariant::VariantDataToJS()
– Heap buffer overflow in GIF color map parser
– Crash in proxy auto-configuration regexp parsing
– Crash with recursive web-worker calls
– Local downloaded file tampering
– Form history vulnerable to stealing
You can read the detailed list of changes in Firefox 3.5.4.