Firefox 34.0

Firefox v.34.0 was offered to release channel users on Decmber 01, 2014.


Fixed in Firefox 34.0 [3]
2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory
2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer
2014-88 Buffer overflow while parsing media content
2014-87 Use-after-free during HTML5 parsing
2014-86 CSP leaks redirect data via violation reports
2014-85 XMLHttpRequest crashes with some input streams
2014-84 XBL bindings accessible via improper CSS declarations
2014-83 Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)

* Changed: Disabled SSLv3
* New: Implementation of HTTP/2 (draft14) and ALPN

Vulnerability ratings: 3 Critical, 3 High, 2 Moderate
Evaluation: test and update when possible

[1] Firefox features [Mozilla]
[2] Mozilla Firefox 34.0 Release Notes (2014-Dec-01) [Mozilla]
[3] Security Advisories for Firefox [Mozilla]
This entry was posted in firefox, patch, security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.