Isiphequluli sewebhu sikhululiwe Futhi IFirefox 68.8 yesikhulumi se-Android. Ngaphezu kwalokho, isibuyekezo senziwe ukwesekwa kwesikhathi eside . Uyeza maduze esiteji Igatsha leFirefox 77 lizoshintsha, ukukhululwa kwalo kuhlelelwe uJuni 2.
:
- amandla esengezo sesistimu ye-Lockwise afakwe esipheqululini, esinikeza isixhumi esibonakalayo "sokumayelana: nokungena" sokuphatha amaphasiwedi agciniwe. Isexwayiso manje siyaboniswa kuma-akhawunti alondoloziwe ahlotshaniswa namasayithi ngaphambilini ahlangabezane nokugebenga kwemininingwane eputshuziwe. Isexwayiso siyaboniswa uma ukufakwa kwephasiwedi kuFirefox kungabuyekezwanga njengoba isayithi laba sengozini.
Okunye okungeziwe yisexwayiso sokuthi amaphasiwedi asetshenziswa kumasayithi amaningi afakwe engcupheni. Uma enye yama-akhawunti alondoloziwe ibandakanyeka ekuvuzeni kobufakazi futhi umsebenzisi aphinde asebenzise igama-mfihlo elifanayo kwamanye amasayithi, uzolulekwa ukuthi ashintshe iphasiwedi. Ukuqinisekisa kwenziwa ngokuhlanganiswa nesizindalwazi sephrojekthi , okuhlanganisa ulwazi olumayelana nama-akhawunti ayizigidi eziyizinkulungwane ezingu-9.5 ebiwe ngenxa yokugetshengwa kwamasayithi angu-443. Indlela ayaziwa futhi kusekelwe ekudlulisweni kwesiqalo se-hashi se-SHA-1 esivela ku-imeyili (izinhlamvu ezimbalwa zokuqala), ekuphenduleni lapho iseva ikhiqiza ama-hashes omsila ahambisana nesicelo esivela kusizindalwazi sayo, futhi isiphequluli esisohlangothini lwaso siyawahlola. nge-hashi egcwele ekhona futhi, uma kukhona okufanayo, ikhipha isexwayiso (i-hashi ephelele ayidluliswanga).
Inani lamasayithi lapho umsebenzi osetshenziswa khona linwetshiwe amaphasiwedi aqinile lapho ugcwalisa amafomu okubhalisa. Ngaphambilini, iseluleko esiphakamisa iphasiwedi eqinile sasiboniswa kuphela uma kunezinkambu ngesibaluli esithi "autocomplete = new-password". Ngaphandle kwesayithi elisetshenzisiwe, iphasiwedi ingakhiqizwa ngemenyu yokuqukethwe.
Ku-Windows ne-macOS, uma iFirefox ingenayo isethi yephasiwedi eyinhloko, ukwesekwa kokubonisa ibhokisi lokuqinisekisa le-OS kanye nokufaka imininingwane yesistimu ngaphambi kokubuka amaphasiwedi alondoloziwe. Ngemva kokufaka iphasiwedi yesistimu, ukufinyelela kumaphasiwedi agciniwe kunikezwa imizuzu engu-5, ngemva kwalokho iphasiwedi izodinga ukufakwa futhi. Lesi silinganiso sizovikela imininingwane yakho ekuhloleni amehlo uma ikhompuyutha ishiywe ingagadiwe uma iphasiwedi eyinhloko ingasethiwe esipheqululini.
- sebenza"", evimbelwe ngokuzenzakalela. Uma imodi yenziwe yasebenza kusetshenziswa ipharamitha ethi “dom.security.https_only_mode” kokuthi mayelana:config, zonke izicelo ezenziwe ngaphandle kokubethela zizoqondiswa kabusha ngokuzenzakalelayo ukuze kuvikelwe izinketho zekhasi (“http://” ku-"https://"). Ukushintshwa kwenziwa kokubili ezingeni lezinsiza ezilayishwe emakhasini, nalapho kufakwa kubha yekheli. Uma umzamo wokufinyelela ikheli elifakwe kubha yekheli nge-https uphela ngesikhathi sokuvala, umsebenzisi uzoboniswa ikhasi lephutha elinenkinobho yokwenza isicelo nge-http://. Esimeni sokwehluleka uma kulayishwa ngemithombo engaphansi ethi “https://” elayishwa ngesikhathi sokucubungula ikhasi, ukwehluleka okunjalo kuzozitshwa, kodwa izexwayiso zizoboniswa kukhonsoli yewebhu, engabukwa ngamathuluzi onjiniyela wewebhu.
- Kwengezwe amandla okushintsha ngokushesha phakathi kokubuka amavidiyo ku-"» (Isithombe-Esithombeni) nokubukwa kwesikrini esigcwele. Umsebenzisi angakwazi ukunciphisa ividiyo efasiteleni elincane futhi ngesikhathi esisodwa enze omunye umsebenzi, ohlanganisa kwezinye izinhlelo zokusebenza nakumadeskithophu abonakalayo. Uma ufuna ukunaka konke kuvidiyo, vele uchofoze kabili ukuze uye ekubukweni kwesikrini esigcwele. Ukuchofoza kabili futhi kuzobuyisela ukubuka kumodi yesithombe-esithombeni.
- Umsebenzi wenziwe ukuze kuthuthukiswe ukubonakala nokuba lula kokusebenza nebha yamakheli. Lapho uvula ithebhu entsha, isithunzi esizungeze inkambu yebha yekheli sincishisiwe. Ibha yamabhukhimakhi inwetshiwe kancane ukuze kwandiswe indawo echofozekayo kuzikrini zokuthinta.
- Ku-Wayland based environments usebenzisa
kungenzeka ukusheshisa kwehadiwe ukuqoshwa kwe-VP9 namanye amafomethi wevidiyo asekelwa kuFirefox. Ukusheshisa kunikezwa kusetshenziswa i-VA-API (Video Acceleration API) kanye ne-FFmpegDataDecoder (usekelo lwe-H.264 kuphela olusetshenziswe ekukhishweni kwangaphambilini). Ukuze ulawule ukuthi ukusheshisa kuvuliwe yini, kufanele usethe imingcele ethi “widget.wayland-dmabuf-webgl.enabled” kanye ne-“widget.wayland-dmabuf-vaapi.enabled” kokuthi:config. - Ku-Windows, kubasebenzisi bamalaptops ane-Intel GPU kanye nesinqumo sesikrini esingeqile ku-1920x1200, uhlelo lokuhlanganisa lwenziwa lusebenze ngokuzenzakalelayo. , ebhalwe ngolimi lwe-Rust nokuqukethwe kwekhasi lemithombo yangaphandle enikezela imisebenzi ohlangothini lwe-GPU.
- Kwengezwe usekelo lwento , okuyinto
ivumela ukusetshenziswa kwe-interfaces и , egijima ngaphandle kwentambo eyinhloko yokusebenza kuFirefox. I-API entsha ikuvumela ukuthi ucubungule umsindo ngesikhathi sangempela, ulawule amapharamitha omsindo ngokohlelo ngaphandle kokwethula ukubambezeleka okwengeziwe noma ukuphazamisa ukuqina kokuphumayo komsindo. Ukwethulwa kwe-AudioWorklet kwenze kwaba nokwenzeka ukuxhuma kumakholi we-Zoom ku-Firefox ngaphandle kokufaka izengezo ezihlukene, futhi kwenze kwaba nokwenzeka ukusebenzisa izimo eziyinkimbinkimbi zokucubungula umsindo esipheqululini, njengomsindo wendawo wezinhlelo zangempela zangempela noma imidlalo. - Ku-CSS , echaza amanani ombala wesistimu (CSS Color Module Level 4).
- Abakhi be-Intl.NumberFormat, Intl.DateTimeFormat, kanye ne-Intl.RelativeTimeFormat bavumela ukucutshungulwa kwezinketho ze-"numberingSystem" kanye "nekhalenda" ngokuzenzakalelayo. Isibonelo: "Intl.NumberFormat('en-US', {numberingSystem: 'latn' })" noma "Intl.DateTimeFormat('th', { calendar: 'gregory' })".
- Ukuvinjwa kwamaphrothokholi angaziwa kunikwe amandla ngezindlela ezifana ne-"location.href" noma .
- Lapho kuhlolwa isethulo samasayithi kumadivayisi eselula kusetshenziswa Imodi Yedizayini Ephendulayo kumathuluzi onjiniyela wewebhu, ukulingiswa kokuziphatha kwedivayisi yeselula lapho ubamba ukusondeza kokuthepha kabili kuyanikezwa. Kusetshenziswe ukunikezwa okulungile kwamathegi we-meta-viewport, okwenze kwaba nokwenzeka ukuthuthukisa amasayithi akho e-Firefox ye-Android ngaphandle kwedivayisi yeselula.
- Kusixhumi esibonakalayo sokuhlola izicelo zenethiwekhi, uma uchofoza kabili kusihlukanisi sekholomu kunhlokweni, usayizi wekholomu yethebula ulungiswa ngokuzenzakalelayo kudatha ebonisiwe.
- Isihlungi esisha Sokulawula sengeziwe kusixhumi esibonakalayo sokuhlola se-WebSocket ukuze kuboniswe amafreyimu okulawula. Kusetshenziswe ikhono lokuhlola kuqala imilayezo ngefomethi , eyengezwe kuhlu lwamaphrothokholi afomethwe ngokuzenzakalelayo, afana ne-socket.io, SignalR kanye ne-WAMP.
- I-JavaScript debugger manje inamandla okuziba amafayela angabandakanyeki ekususeni iphutha. Imenyu yokuqukethwe "ibhokisi elimnyama" inikeza izinketho zokufihla okuqukethwe okungaphakathi noma ngaphandle kohla lwemibhalo olukhethiwe kubha eseceleni. Lapho ukopisha ukulandelela isitaki, qinisekisa ukuthi indlela egcwele ibekwe ebhodini lokunamathisela, hhayi nje igama lefayela.
- Kukhonsoli yewebhu, kumodi yemigqa eminingi, kungenzeka ukufihla izingcezu zekhodi ezedlula imigqa emihlanu (ukunweba, chofoza noma yikuphi endaweni ngekhodi ebonisiwe).
Ngokungeziwe ezenzweni ezintsha nokulungiswa kweziphazamisi, iFirefox 76 isilungisile , okuthi 10 (CVE-2020-12387, CVE-2020-12388 kanye no-8 ngaphansi kwe-CVE-2020-12395) amakwe njengokubalulekile futhi okungenzeka akwazi ukuholela ekusebenziseni ikhodi yomhlaseli lapho kuvulwa amakhasi aklanywe ngokukhethekile. Ukuba sengozini kwe-CVE-2020-12388 kukuvumela ukuthi uphume endaweni ye-sandbox ku-Windows ngokusebenzisa amathokheni okufinyelela. Ukuba sengozini kwe-CVE-2020-12387 kuhlotshaniswa nokufinyelela kubhulokhi yememori eseyivele ikhululiwe (Sebenzisa-ngemuva kokukhululeka) lapho Isisebenzi Sewebhu sinqamula. I-CVE-2020-12395 ihlanganisa izinkinga zenkumbulo ezifana nokuchichima kwebhafa.
Source: opennet.ru