The new version of the popular Firefox 76 web browser has just been launched, as well as the mobile version of Firefox 68.8 for the Android platform. In addition, an update has been generated for its LTS version 68.8.0.
In addition to innovations and bug fixes, Firefox 76 resolved 22 vulnerabilities, of which 10 (CVE-2020-12387, CVE-2020-12388 and 8 under CVE-2020-12395) were marked as critical and potentially capable of executing malicious code.
Vulnerability CVE-2020-12388 - Lets you break out of sandbox environment isolation in Windows by manipulating access tokens. The CVE-2020-12387 vulnerability is associated with a memory block call already released (Use-after-free) at the end of Web Worker. CVE-2020-12395 combines memory issues, such as buffer overflows.
What's new in Firefox 76?
In this new version, improvements to the Lockwise system add-on are introduced included in the browser and in which a warning is now provided for saved accounts associated with sites that previously hacked or leaked information and which now displays a warning about compromised passwords used on various sites. If one of the saved accounts appears in the credential leak and the user reuses the same password on other sites, they will be advised to change the password.
Another change that is presented in this new version of Firefox, is expanding the number of sites for which automatic password generation is used secure when completing registration forms. Previously, a suggestion was shown suggesting a strong password only if there were fields with the attribute "autocomplete = new-password".
Also added "HTTPS only" operating mode, which is disabled by default. The replacement is done both at the level of resources loaded in the pages and when it is entered in the address bar. If an attempt to access https to the address entered in the address bar ends in a timeout, the user will be shown a page with an error, in which there will be a button to execute the request through http: //. In the case of failures when downloading via "https: //" child resources loaded during page rendering, such failures will be ignored, but warnings can be displayed in the web console, which can be viewed through the tools for the web developer.
Also highlighted in Firefox 76 is the ability to quickly switch between picture-in-picture video display and full-screen display. The user can minimize the video in a small window and simultaneously carry out other work, even in other applications and on virtual desktops.
Work has been done to increase the visibility and convenience of working with the address bar, when a new tab is opened, the shadow around the field with the address bar is reduced, plus the bookmarks bar has been slightly enlarged to Increase the area of the clickable area on touchscreens.
In Wayland-based environments, with the new WebGL backend, the ability to accelerate the hardware decoding of VP9 and other video formats supported by Firefox is implemented. The acceleration is provided using the VA-API (Video Acceleration API) and FFmpegDataDecoder which in the latest version, only H.264 support was implemented (to control the inclusion of the acceleration in about: config, the parameters must be set "Widget.wayland-dmabuf-webgl.enabled" and "widget.wayland-dmabuf-vaapi.enabled")
How to install or update the new version of Firefox 76 on Linux?
For those who are interested in being able to install this new version or update to it, they should follow the instructions that we share below.
If you are a user of Ubuntu, Linux Mint or some other derivative of Ubuntu, You can install or update to this new version with the help of the browser's PPA.
This can be added to the system by opening a terminal and executing the following command in it:
sudo add-apt-repository ppa:ubuntu-mozilla-security/ppa -y sudo apt-get update
Done this now they just have to install with:
sudo apt install firefox
In the case of Arch Linux users and derivatives, just run in a terminal:
sudo pacman -Syu
Or to install with:
sudo pacman -S firefox
Finally for those who prefer to use Snap packages, They will be able to install the new version as soon as it is released in the Snap repositories.
But they can get the package directly from Mozilla's FTP. With the help of a terminal by typing the following command:
wget https://ftp.mozilla.org/pub/firefox/releases/75.0/snap/firefox-75.0.snap
And to install the package we just type:
sudo snap install firefox-75.0.snap
Finally, you can get the browser with the latest installation method that was added "Flatpak". To do this, they must have support for this type of package.
Installation is done by typing:
flatpak install flathub org.mozilla.firefox
For all other Linux distributions can download the binary packages from the following link.