The Firefox 103 web browser has been released. In addition, updates have been made to branches with a long support period - 91.12.0 and 102.1.0. The Firefox 104 branch, which is scheduled for release on August 23, will be transferred to the beta testing stage in the coming hours.
Key innovations in Firefox 103:
- By default, the Total Cookie Protection mode is enabled, which was previously used only when opening sites in private browsing mode and when choosing the strict mode for blocking unwanted content (strict). In the Total Cookie Protection mode, a separate isolated storage is used for each site's Cookies, which does not allow the use of Cookies to track movement between sites, since all Cookies set from third-party blocks loaded on the site (iframe, js, etc.) are tied to the site from which these blocks were downloaded, and are not transmitted when accessing these blocks from other sites.
- Improved performance on systems with high refresh rate monitors (120Hz+).
- In the built-in PDF viewer for documents with input forms, the required fields are highlighted.
- In picture-in-picture mode, the ability to change the font size of subtitles has been added. Provided subtitles when watching videos from Funimation, Dailymotion, Tubi, Hotstar and SonyLIV. Previously, subtitles were only shown for YouTube, Prime Video, Netflix, HBO Max, Funimation, Dailymotion, Disney+, and sites using the WebVTT (Web Video Text Track) format.
- You can now use the cursor keys, Tab and Shift+Tab to navigate through the buttons in the tab bar.
- The βMake text biggerβ feature has been extended to all interface elements and content (previously only the system font was affected).
- The ability to return support in certificates for digital signatures based on SHA-1 hashes, which have long been considered insecure, has been removed from the settings.
- When copying text from web forms, non-breaking spaces are preserved to prevent automatic line breaks.
- On the Linux platform, WebGL performance issues were resolved when using NVIDIA proprietary drivers in combination with DMA-Buf.
- We fixed an issue with very slow startup due to processing content in local storage.
- Support for portable streams has been added to the Streams API, allowing ReadableStream, WritableStream and TransformStream objects to be passed as arguments when calling postMessage() in order to outsource the operation to a web worker with data cloning in the background.
- For pages opened without HTTPS, and from iframe blocks, access to the caches, CacheStorage and Cache APIs is prohibited.
- Deprecated support for the previously deprecated scriptminsize and scriptsizemultiplier attributes.
- On Windows 10 and 11, the Firefox icon is fixed in the bar during installation.
- On the macOS platform, a transition has been made to a more modern API for managing locks, which has led to an improvement in the responsiveness of the interface during high CPU load.
- The Android version fixed a crash when switching to split screen mode or when resizing the window. Resolved an issue that caused videos to play backwards. Fixed an issue that, under certain rare circumstances, would cause a crash when opening the on-screen keyboard in an Android 12 environment.
In addition to innovations and bug fixes, Firefox 103 fixes 10 vulnerabilities, of which 4 are marked as dangerous (summarized under CVE-2022-2505 and CVE-2022-36320) are caused by memory problems, such as buffer overflows and access to already freed memory areas . These issues can potentially lead to malicious code being executed when specially designed pages are opened. Of the vulnerabilities with a moderate level of severity, one can note the possibility of determining the position of the cursor through manipulations with the overflow and transform CSS properties, and the Android version freezing when processing a very long URL.
Source: opennet.ru