Firefox 85.0.1 fixes a vulnerability and prepares to say goodbye to SSB in Firefox 86

Recently fixes released for Firefox 85.0.1 and Firefox ESR 78.7.1, which are already available and arrive to correct a vulnerability critical that could lead to code execution on the system when opening certain content.

The problem is due to a buffer overflow in the Angle library with the OpenGL ES implementation, which is being developed by the Chromium project and acts as a layer to translate OpenGL ES calls to OpenGL, Direct3D 9/11, Desktop GL, and Vulkan.

Due to the incorrect calculation of the size of the parameters depth for compressed textures, conditions arise to access an area outside the allocated buffer. Details about the issue have not yet been revealed.

As for the other non-security fixes in Firefox 85.0.1, the following are mentioned:

  • Access to special NTFS paths, manipulations that can cause file system damage, are prohibited.
  • Fixed a crash when authenticating to sites using SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) on macOS devices with CPUs based on the newer ARM M1 chips.
  • Eliminate printing an extra blank page at the end of some documents.
  • Fixed a crash when manipulating the Cache API.
  • Improved the work of external URL scheme drivers when starting Firefox from the flatpak package.

In addition, you can notice the inclusion of Fission mode for 1/4 of Firefox's nightly builds with the implementation of modernized multithreaded architecture for stricter page isolation.

When Fission is activated, pages from different sites are always allocated in the memory of different processes, each of whom uses their own litter box.

At the same time, the division into processes is not done by tabs, but by domains, which allows you to further isolate the content of external scripts and iframes.

Fission mode can be enabled manually in the about: preferences # experimental page or by using the variable "fission.autostart = true" in about: config.

Moreover, we must also not forget that Mozilla to End Firefox 86 Desktop Support for Experimental SSB Mode, which made it possible to create a separate shortcut for a site to launch without browser interface elements, with a separate icon on the taskbar, as in all rule.

How to install or update the new version of Firefox on Linux?

Firefox users who have not disabled automatic updates will receive the update automatically. Those who don't want to wait for that to happen can select Menu> Help> About Firefox after the official launch to initiate a manual update of the web browser.

The screen that opens displays the currently installed version of the web browser and runs a check for updates, provided the functionality is enabled.

Another option to update, is yes you are a user of Ubuntu, Linux Mint or some other derivative of Ubuntu, You can install or update to this new version with the help of the browser's PPA.

This can be added to the system by opening a terminal and executing the following command in it:

sudo add-apt-repository ppa:ubuntu-mozilla-security/ppa -y 
sudo apt-get update
sudo apt install firefox

In the case of Arch Linux users and derivatives, just run in a terminal:

sudo pacman -Syu

Or to install with:

sudo pacman -S firefox

Finally for those who prefer to use Snap packages, They will be able to install the new version as soon as it is released in the Snap repositories.

But they can get the package directly from Mozilla's FTP. With the help of a terminal by typing the following command:

wget https://ftp.mozilla.org/pub/firefox/releases/85.0.1/snap/firefox-85.0.1.snap

And to install the package we just type:

sudo snap install firefox-85.0.1.snap

Finally, you can get the browser with the latest installation method that was added "Flatpak". To do this, they must have support for this type of package.

Installation is done by typing:

flatpak install flathub org.mozilla.firefox

For, all other Linux distributions can download the binary packages from the following link.

 


The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.