* Restore html5 audio playback under NetBSD
Changelog:
New
Significant new customization mode makes it easy to personalize your Web experience to access the features you use the most (learn more)
New
A new, easy to access menu sits in the right hand corner of Firefox and includes popular browser controls
New
Sleek new tabs provide an overall smoother look and fade into the background when not active
New
An interactive onboarding tour to guide users through the new Firefox changes
New
The ability to set up Firefox Sync by creating a Firefox account (learn more)
New
Gamepad API finalized and enabled (learn more)
New
HTTPS used for Yahoo Searches performed in en-US locale
New
Malay [ma] locale added
Changed
Clicking on a W3C Web Notification will switch to the originating tab
Developer
'box-sizing' (dropping the -moz- prefix) implemented (learn more)
Developer
Console object available in Web Workers (learn more)
Developer
Promises enabled by default (learn more)
Developer
SharedWorker enabled by default
Developer
<input type="number"> implemented and enabled
Developer
<input type="color"> implemented and enabled
Developer
Enabled ECMAScript Internationalization API
Developer
Add-on bar has been removed, content moved to navigation bar
Developer
Implemented URLSearchParams from the URL specification (see MDN for details )
Fixed
Various security fixes
Fixed in Firefox 29
MFSA 2014-47 Debugger can bypass XrayWrappers with JavaScript
MFSA 2014-46 Use-after-free in nsHostResolve
MFSA 2014-45 Incorrect IDNA domain name matching for wildcard certificates
MFSA 2014-44 Use-after-free in imgLoader while resizing images
MFSA 2014-43 Cross-site scripting (XSS) using history navigations
MFSA 2014-42 Privilege escalation through Web Notification API
MFSA 2014-41 Out-of-bounds write in Cairo
MFSA 2014-40 Firefox for Android addressbar suppression
MFSA 2014-39 Use-after-free in the Text Track Manager for HTML video
MFSA 2014-38 Buffer overflow when using non-XBL object as XBL
MFSA 2014-37 Out of bounds read while decoding JPG images
MFSA 2014-36 Web Audio memory corruption issues
MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service Installer
MFSA 2014-34 Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)
Changelog:
NEW
VP9 video decoding implemented
NEW
Mac OS X: Notification Center support for web notifications
NEW
Horizontal HTML5 audio/video volume control
NEW
Support for Opus in WebM
CHANGED
Now that spdy/3 is implemented support for spdy/2 has been removed and servers without spdy/3 will negotiate to http/1 without any penalty
DEVELOPER
Support for MathML 2.0 'mathvariant' attribute
DEVELOPER
Background thread hang reporting
DEVELOPER
Support for multi-line flexbox in layout
FIXED
Various security fixes
Fixed in Firefox 28
MFSA 2014-32 Out-of-bounds write through TypedArrayObject after neutering
MFSA 2014-31 Out-of-bounds read/write through neutering ArrayBuffer objects
MFSA 2014-30 Use-after-free in TypeObject
MFSA 2014-29 Privilege escalation using WebIDL-implemented APIs
MFSA 2014-28 SVG filters information disclosure through feDisplacementMap
MFSA 2014-27 Memory corruption in Cairo during PDF font rendering
MFSA 2014-26 Information disclosure through polygon rendering in MathML
MFSA 2014-25 Firefox OS DeviceStorageFile object vulnerable to relative path escape
MFSA 2014-24 Android Crash Reporter open to manipulation
MFSA 2014-23 Content Security Policy for data: documents not preserved by session restore
MFSA 2014-22 WebGL content injection from one domain to rendering in another
MFSA 2014-21 Local file access via Open Link in new tab
MFSA 2014-20 onbeforeunload and Javascript navigation DOS
MFSA 2014-19 Spoofing attack on WebRTC permission prompt
MFSA 2014-18 crypto.generateCRMFRequest does not validate type of key
MFSA 2014-17 Out of bounds read during WAV file decoding
MFSA 2014-16 Files extracted during updates are not always read only
MFSA 2014-15 Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)
