The new version release from the popular web browser Firefox 102 version in which some changes and improvements have been made, in addition to innovations and bug fixes, in Firefox 102 removed 22 vulnerabilities, of which 5 are marked as dangerous.
Vulnerability CVE-2022-34479 allows displaying a popup on Linux that overlays the address bar (can be used to simulate a dummy browser interface that misleads the user, eg for phishing).
5 other vulnerabilities (summarized in CVE-2022-34485, CVE-2022-34485, and CVE-2022-34484) are caused by memory problems, such as buffer overflows and access to already freed memory areas. These issues can potentially lead to the execution of malicious code when specially crafted pages are opened.
Table of Contents
Main new features of Firefox 102
In this new version of Firefox 102 that is presented, the possibility to deactivate the automatic opening of the panel with information about the downloaded files at the beginning of each new download.
Another change that stands out is that added protection against transition tracking to other pages by setting parameters in the URL. The protection is reduced to removing the parameters used for tracking (such as utm_source) from the URL and is activated when the strict spam blocking mode is enabled in the settings (Enhanced Tracking Protection -> Strict) or when the site opens in private browsing mode. Optionally, removal can also be enabled via settings privacy.query_stripping.enabled in about:config.
Picture-in-Picture mode provides subtitles tol watch videos from HBO Max, Funimation, Dailymotion, Tubi, Disney+ Hotstar and SonyLIV. Previously, subtitles were displayed only for YouTube, Prime Video, Netflix, and sites that used the WebVTT (Web Video Text Track) format.
In Firefox for Android, when filling out forms with credit card information, a separate request is made to save the information entered for the form autofill system.
In addition, it is also highlighted that an issue that caused a crash when opening the on-screen keyboard if the clipboard contained a large amount of data was fixed, and an issue that caused Firefox to stop when switching between applications was also fixed.
As for the developer improvements, we can find that CSP integration provided (Content-Security-Policy) with WebAssembly, allowing you to apply CSP restrictions for WebAssembly. A document for which scripting is disabled via CSP will now fail to execute WebAssembly bytecode if the 'unsafe-eval' or 'wasm-unsafe-eval' parameter is not set.
CSS media queries implement update property, which allows you to bind the refresh rate of the information supported by the output device.
For plugins that support the second version of the manifest, access to the Scripting API is provided, which allows you to run scripts in the context of sites, replace and remove CSS, and control logging of processing scripts. of content.
Of the other changes that stand out:
- Sound decoding functions are moved to a separate process with tighter sandbox isolation.
- On Linux, it is possible to use the Geoclue DBus service to determine the location.
- Improved display of PDF documents in high contrast mode.
- The non-standard property Window.sidebar, provided only in Firefox, is scheduled for removal.
- In the web developer interface on the Style Editor tab, there is support for filtering style sheets by name.
How to install or update the new version of Firefox on Linux?
Firefox users who have not disabled automatic updates will receive the update automatically. Those who don't want to wait for that to happen can select Menu> Help> About Firefox after the official launch to initiate a manual update of the web browser.
The screen that opens displays the currently installed version of the web browser and runs a check for updates, provided the functionality is enabled.
Another option to update, is yes you are a user of Ubuntu, Linux Mint or some other derivative of Ubuntu, You can install or update to this new version with the help of the browser's PPA.
This can be added to the system by opening a terminal and executing the following command in it:
sudo add-apt-repository ppa:ubuntu-mozilla-security/ppa -y sudo apt-get update sudo apt install firefox
In the case of Arch Linux users and derivatives, just run in a terminal:
sudo pacman -Syu
Or to install with:
sudo pacman -S firefox
Finally for those who prefer to use Snap packages, they will be able to install the new version by opening a terminal and typing in it
sudo snap install firefox
Finally, you can get the browser with the latest installation method that was added "Flatpak". To do this, they must have support for this type of package.
Installation is done by typing:
flatpak install flathub org.mozilla.firefox
For all other Linux distributions can download the binary packages from the following link.