ukukhishwa kwesiphequluli sewebhu Futhi IFirefox 68.2 yesikhulumi se-Android. Ngaphezu kwalokho, isibuyekezo senziwe ukwesekwa kwesikhathi eside (ukunakekelwa kwegatsha le-ESR langaphambilini elingu-60.x kunqanyuliwe). Uyeza maduze esiteji Igatsha leFirefox 71 lizohamba, ngokuhambisana ehlelelwe ukukhululwa ngoDisemba 3.
:
- Kumodi yokuvikela yokulandelela okuthuthukile ukuvimbela amawijethi enethiwekhi yokuxhumana nabantu alandelela umnyakazo wabasebenzisi kumasayithi ezinkampani zangaphandle (isibonelo, izinkinobho zokuthanda kwe-Facebook nokushumeka kwemiyalezo ye-Twitter). Ngezinhlobo zokufakazela ubuqiniso nge-akhawunti ezingosini zokuxhumana nabantu, kungenzeka ukukhubaza okwesikhashana ukuvinjwa;
- Kwengezwe umbiko ofingqiwe mayelana nokuvinjwa okuqediwe, lapho ungakwazi ukulandelela inani lokuvinjwa ngosuku lweviki kanye nohlobo;
- Isengezo sesistimu sifakiwe (phambilini isengezo salethwa njenge-Lockbox), okuyinto entsha "mayelana:ukungena" isixhumi esibonakalayo sokuphatha amaphasiwedi agciniwe. Isengezo sibonisa inkinobho kuphaneli ongakwazi ukubuka ngayo ngokushesha ama-akhawunti alondolozwe kusayithi lamanje, futhi useshe futhi uhlele amagama ayimfihlo. Kuyenzeka ukuthi ufinyelele amaphasiwedi agciniwe ngohlelo lokusebenza lweselula oluhlukile , esekela ukugcwalisa ngokuzenzakalelayo amaphasiwedi kumafomu okufakazela ubuqiniso banoma yiziphi izinhlelo zokusebenza zeselula;
- Isengezo sesistimu sihlanganisiwe okuyinto ukubonisa isixwayiso uma i-akhawunti yakho isengozini (ukuqinisekiswa nge-imeyili) noma kwenziwa umzamo wokungena kusayithi elagetshengwa ngaphambilini. Ukuqinisekisa kwenziwa ngokuhlanganiswa nesizindalwazi sephrojekthi ye-hadaibeenpwned.com;
- Ijeneretha ye-password icushwa ngokuzenzakalelayo; lapho ugcwalisa amafomu okubhalisa, iveza iseluleko esinephasiwedi eqinile ekhiqizwa ngokuzenzakalela. Ithulithiphu iboniswa ngokuzenzakalela ezinkambu ‹input type=”password”› ngesibaluli “sokugcwalisa ngokuzenzakalelayo = iphasiwedi entsha”. Ngaphandle kwalesi sici, iphasiwedi ingakhiqizwa ngemenyu yokuqukethwe;
- Esikhundleni senkinobho ethi “(i)” kubha yekheli, kunenkomba yezinga lobumfihlo, ekuvumela ukuthi wahlulele ukwenziwa kusebenze kwezindlela zokuvinjwa kokulandelela ukunyakaza. Inkomba iba mpunga uma imodi yokuvimbela ukunyakaza inikwe amandla kuzilungiselelo futhi azikho izici ekhasini ezidinga ukuvinjwa. Inkomba iba luhlaza okwesibhakabhaka lapho izici ezithile ekhasini ezephula ubumfihlo noma ezisetshenziselwa ukulandelela ukunyakaza zivinjiwe. Isikhombi siyanqanyulwa uma umsebenzisi ekhubaze ukuvikelwa kokulandela ngomkhondo kusayithi lamanje.
- Amakhasi avulwe nge-HTTP noma nge-FTP manje amakwe ngesithonjana sokuxhumeka okungavikelekile, esiphinde siboniswe ku-HTTPS uma kuba nezinkinga ngezitifiketi. Umbala wophawu lokukhiya lwe-HTTPS ushintshiwe kusukela koluhlaza kuya kokumpunga (kuzokwazi ukubuyisela umbala oluhlaza ngesilungiselelo se-security.secure_connection_icon_color_gray). Ukusuka ezikhombi zokuphepha ezivuna izexwayiso ezimayelana nezinkinga zokuphepha kuqhutshwa ukutholakala kwendawo yonke kwe-HTTPS, osekucatshangwa ukuthi inikeziwe kunokuphepha okwengeziwe.
- Kubha yekheli ukubonisa igama lenkampani uma usebenzisa isitifiketi se-EV esiqinisekisiwe kuwebhusayithi. Ulwazi lukhishiwe ngoba lungadukisa umsebenzisi futhi lusetshenziselwe ubugebengu bokweba imininingwane ebucayi (isibonelo, inkampani ethi “Identity Verified” yabhaliswa, igama layo elikubha yekheli libonwe njengenkomba yokuqinisekiswa). Ulwazi mayelana nesitifiketi se-EV lungabukwa ngemenyu eyehlayo lapho uchofoza isithonjana esinesithombe sokukhiya. Ungakwazi ukubuyisela isibonisi segama lenkampani kusitifiketi se-EV kubha yekheli ngokusebenzisa isilungiselelo esithi “security.identityblock.show_extended_validation” kokuthi:config.
- Enjini yeJavaScript umhumushi omusha “wesisekelo” we-bytecode, othatha indawo ephakathi nendawo phakathi komhumushi ovamile kanye nomhlanganisi “wesisekelo” we-JIT wokuqala. Umhumushi omusha uyashesha kakhulu kunotolika omdala futhi usebenzisa izinqubo ezivamile zokucubungula i-bytecode, inqolobane kanye nedatha yokwenza iphrofayela ngomhlanganisi “wesisekelo” we-JIT. Utolika owengeziwe ukuvumela ukuthi usheshise ukwenziwa kwemisebenzi ye-JavaScript esetshenziswa njalo ngemva kokuthi iphindiselwe emuva isuka ku-JIT elungiselelwe (Ion JIT) ukuya esigabeni sokuhlanganisa se-JIT "eyisisekelo" engathuthukisiwe, ngokwesibonelo, ngemva kokuthi umsebenzi ubizwe ngezimpikiswano. yezinye izinhlobo.
Kuzinhlelo zokusebenza zewebhu eziyinkimbinkimbi, ukuhlanganisa "isisekelo" se-JIT nokwethula ukulungiselelwa kwe-Ion JIT kuthatha isikhathi esiningi, futhi umhumushi osheshayo owengeziwe angakwazi ukuzuza ukukhuphuka okuphelele kokusebenza kanye nokwehliswa kancane kokusetshenziswa kwenkumbulo. Ezivivinyweni, ukufakwa komhumushi owengeziwe osebenzisa izibalo ezijwayelekile kanye nenqolobane esemgqeni ene-JIT kuholele ekunciphiseni isikhathi sokulayisha ikhasi ngo-2-8%, futhi ukusebenza kwamathuluzi kubathuthukisi bewebhu kukhuphuke ngo-2-10%;
- Kukwakhelwe i-Linux ukusetshenziswa okuzenzakalelayo kwesistimu yokuhlanganisa kuma-AMD, Intel kanye ne-NVIDIA GPUs (umshayeli we-Nouveau kuphela), uma usebenzisa i-Mesa 18.2 noma kamuva ohlelweni. Ekwakheni i-Windows, ngaphezu kwama-AMD ne-NVIDIA GPU asekelwa ngaphambilini, i-WebRender manje isicushiwe ku-Intel GPUs. Isistimu yokuhlanganisa ibhalwe ngolimi lwe-Rust futhi ikhipha okuqukethwe kwekhasi okuhlinzeka ngemisebenzi ohlangothini lwe-GPU.
Uma usebenzisa i-WebRender, esikhundleni sohlelo lokuhlanganisa olwakhelwe ngaphakathi olwakhelwe injini ye-Gecko, ecubungula idatha kusetshenziswa i-CPU, ama-shader asebenza ku-GPU asetshenziselwa ukwenza imisebenzi yokunikeza isifinyezo ezicini zekhasi, okuvumela ukwanda okukhulu kwejubane lokunikeza. nomthwalo we-CPU owehlisiwe. Ukuphoqa i-WebRender ukuthi inikwe amandla kokuthi:config, ungashintsha izilungiselelo “gfx.webrender.all” kanye “gfx.webrender.enabled”;
- ukusekelwa kwemodi eqinile yokuhlukanisa ikhasi, ethuthukiswe ngaphansi kwegama lekhodi . Kule modi, amakhasi avela kumasayithi ahlukene ahlala ekhona enkumbulweni yezinqubo ezahlukene, ngayinye esebenzisa ibhokisi layo lesanti elingalodwa. Ukuhlukaniswa kwenqubo akwenziwa ngamathebhu, kodwa ngezizinda, okukuvumela ukuthi uqhubeke uhlukanise okuqukethwe kwemibhalo yangaphandle kanye namabhulokhi e-iframe. Imodi yokuhlukanisa eqinile ilawulwa kokuthi:hlela kusetshenziswa inketho ethi “fission.autostart” (ukunika amandla ekukhishweni kuvinjiwe okwamanje);
- ilogo negama kushintshiwe kusuka kuFirefox Quantum kuya kuFirefox Browser;
- ukubonisa izicelo zokuqinisekisa igunya eliqalwe kumabhulokhi e-iframe alayishwe kwesinye isizinda (imvelaphi ehlukene). Shintsha vimba ukuhlukumeza okuthile futhi uthuthele kumodeli lapho izimvume zicelwa khona kuphela esizindeni esiyinhloko sedokhumenti, ekhonjiswe kubha yekheli;
- ukunikeza okuqukethwe kwamafayela alandwe nge-ftp (isibonelo, uma uvula nge-ftp, izithombe, README namafayela e-html ngeke esaboniswa). Lapho uvula izinsiza nge-FTP, ingxoxo yokulayishwa kwefayela kudiski manje izobizwa ngokushesha, kungakhathaliseki ukuthi hlobo luni lokuqukethwe;
- Kubha yekheli inkomba yokunikeza ukufinyelela endaweni, okuzokuvumela ukuthi uhlole ngokucacile umsebenzi we-Geolocation API futhi, uma kunesidingo, wenze kube nokwenzeka ukuhoxisa ilungelo lesayithi lokulisebenzisa. Kuze kube manje, inkomba yayiboniswa kuphela ngaphambi kokuthi izimvume zinikezwe futhi uma isicelo sinqatshiwe, kodwa inyamalale lapho kuvulwa ukufinyelela ku-Geolocation API. Manje inkomba izokwazisa umsebenzisi mayelana nokuba khona kwalokho kufinyelela;
- isixhumi esibonakalayo esinwetshiwe sokubuka izitifiketi ze-TLS, ezifinyeleleka ngekhasi elithi “mayelana:nesitifiketi” (ngokuzenzakalelayo, isixhumi esibonakalayo esidala sisasetshenziswa, esisha sinikwa amandla nge-security.aboutcertificate.enabled in about:config). Uma ngaphambilini bekuvulwe iwindi elihlukile ukuze kubukwe izitifiketi, manje imininingwane iboniswa kuthebhu ngendlela ekhumbuza isengezo. . Qedela ukuqaliswa kwesixhumi esibonakalayo sokubuka isitifiketi usebenzisa i-JavaScript kanye nobuchwepheshe bewebhu obujwayelekile;
- Ingxenye yengeziwe kumenyu yokuphatha i-akhawunti ukuze ufinyelele kumasevisi athuthukile e-Firefox afana ne-Monitor and Thumela;
- Isithonjana esisha "sesipho" sengeziwe kumenyu enkulu nephaneli, lapho ungathola khona ulwazi mayelana nokukhishwa okusha nezici zakhona ezibalulekile;
- Amakhasi akhelwe ngaphakathi eFirefox (cishe:*) ashintshwa ukuze abonise ngokucabangela izilungiselelo zetimu emnyama;
- Ukufunda kombhalo odwetshelwe noma oweqiwe, okuhlanganisa izixhumanisi, sekuthuthukisiwe - imigqa manje iyanqamuka (iyageleza) ngaphandle kokuphambana kwamaglyph;
- Ezindikimbeni usekelo lwezakhiwo ze-accentcolor, textcolor kanye ne-headerURL, ebeziyiziteketiso zohlaka, izici ze-tab_background_text kanye ne-theme_frame (amatimu asingathwe ku-addons.mozilla.org abuyekezwa ngokuzenzakalelayo);
- Kwengezwe izici ze-CSS , и , okuvumela ukuthi ulungise ukujiya, ukuhlehlisa, nokuhlukana kwemigqa esetshenziselwa ukudwebela nokushaya embhalweni;
- Endaweni ye-CSS "» wengeze ikhono lokucacisa izici ezimbili ngesikhathi esisodwa, isibonelo, “bonisa: i-block flex” noma “ukubonisa: i-inline flex”;
- Amanani okubonisa ngale ku-opacity kanye ne-stop-opacity CSS izakhiwo manje zingasethwa njengamaphesenti;
- Kumpahla ye-CSS ukwengezwa kwe-xxx-velu enkulu;
- Ku-JavaScript ikhono lokuhlukanisa izinombolo ezinkulu ngokubona usebenzisa ama-underscore, isibonelo, “myNumber = 1_000_000_000_000”;
- Kwengezwe indlela entsha , okuhlukile kwendlela ye-Intl.RelativeTimeFormat.format() ebuyisela izinto eziningi, ingxenye ngayinye emele ingxenye yenani elifomethiwe, esikhundleni sokubuyisela yonke iyunithi yezinhlamvu efomethiwe;
- Usayizi wesihloko se-HTTP esithi “Referer” ukhawulelwe ku-4 KB, uma leli nani leqiwe, okuqukethwe kufinyezwa egameni lesizinda;
- Kumathuluzi kanjiniyela kuphaneli yokufinyelela, amathuluzi engeziwe ukuze kuhlolwe ukutholakala kalula kokuzulazula phakathi kwezinto kusetshenziswa ikhibhodi, kanye nesifanisi sokuthi abantu abangaboni umbala balibona kanjani ikhasi;
- Isikhethi sombala manje sibonisa inkomba yokuqhathanisa yombala onikeziwe ohlobene nombala ongemuva ukuze kuhlolwe umbono wabantu abangaboni kahle;
- Kumodi yokuhlola ye-CSS, izincazelo ze-CSS ezingaphazamisi into engakhethiwe manje ziba mpunga futhi zibonisa ithiphu yamathuluzi ebonisa isizathu sokuziba nokulungiswa okungenzeka;
- I-debugger manje inamandla okusetha izindawo zokunqamuka eziqalwa lapho izici ze-DOM zishintsha () futhi ikuvumela ukuthi ulandelele izikhathi lapho umbhalo wengeza, ususa noma ubuyekeza okuqukethwe kwekhasi;
- Konjiniyela abengeziwe, ikhono lokuhlola idatha ku-browser.storage.isitoreji sasendaweni selisetshenzisiwe;
- Isici sokusesha sengeziwe kumodi yokuhlola umsebenzi wenethiwekhi, okukuvumela ukuthi uthole ngokushesha izici zezicelo nezimpendulo. Ukusesha kufaka izihloko ze-HTTP, Amakhukhi kanye nemizimba yesicelo/yempendulo;
- Ikhodi yokuhlanganisa ikhasi kuplathifomu ye-macOS iye yathuthukiswa, eyehlisa umthwalo ku-CPU, yasheshisa ukulayishwa kwekhasi (kufika ku-22%) futhi yanciphisa ukusetshenziswa kwensiza lapho udlala amavidiyo (kufika ku-37%). Izakhiwo ze-MacOS futhi zengeza ukwesekwa kokungenisa amaphasiwedi alondolozwe ku-Chrome;
- Isibuyekezo sokulungisa seFirefox 68.1 silungiselwe i-Android. Ake sikukhumbuze ukuthi ukwakhiwa kokukhishwa okusha okubalulekile kweFirefox ye-Android kunqanyuliwe. Ukufaka esikhundleni iFirefox ye-Android, ebizwa nge-Fenix (isatshalaliswa njenge ) isiphequluli esisha samadivayisi eselula esisebenzisa injini ye-GeckoView kanye nesethi yemitapo yolwazi ye-Mozilla Android Components. Ezinsukwini ezimbalwa ezedlule Ukukhishwa okusha kokuhlola kweFirefox Preview 2.2, elungisa izinkinga ezimbalwa ezibalulekile kusixhumi esibonakalayo nolwazi lomsebenzisi. Kwezinguquko eziqhathaniswa ne Iphawula ukungezwa kwenketho yokusula yonke idatha lapho uphuma kanye nekhono lokuvula izixhumanisi ngokuzenzakalelayo kumodi yokudlulisa amehlo eyimfihlo.
Ngaphezu kwezinto ezintsha nokulungiswa kweziphazamisi kuFirefox 70, , okuyi-12 (eqoqwe ngaphansi kwe-CVE-2019-11764 eyodwa) njengokubaluleke kakhulu futhi okungase kuholele ekusetshenzisweni kwekhodi yomhlaseli lapho uvula amakhasi aklanywe ngokukhethekile.
Source: opennet.ru