Firefox 119 ships with security fixes and privacy enhancements

By admin

Mozilla Firefox 119
ORG

will be released

later today
TIME

. The new Stable version of

Firefox
ORG

is accompanied by

Firefox 119
LAW

for

Android
ORG

and

Firefox 115.4
PRODUCT

ESR.

ADVERTISEMENT

Core new features of

Firefox 119
LAW

include

Encrypted Client Hello
ORG

support for all users, extensions imports from

Chrome
ORG

, improved tracking protection and new

PDF
ORG

editing capabilities.

All developer versions of

Firefox
ORG

are updated around the same time. This means that Firefox Beta and

Dev
PERSON

move to version

120
CARDINAL

and Firefox Nightly to version

121
CARDINAL

.

Executive Summary

Encrypted Client Hello is now supported.


Mozilla
ORG

patched security issues in

Firefox 119
LAW

.

Firefox

119
CARDINAL

includes privacy improvements.

Firefox

119.0
CARDINAL

download and update

Firefox

119
CARDINAL

‘s and Firefox

115.4
CARDINAL


ESR
ORG

release date is

October 24, 2023
DATE

. Depending on when you read this, it may not be released yet.


Later today
TIME

, the new

Firefox
ORG

releases will become available via the automatic updating functionality of the browser. Downloads are also offered on

Mozilla
ORG

‘s official website then.

To display the current version, select

Menu > Help >
ORG

About Firefox. Doing so displays the installed version and runs a check for updates.

Here are the official download locations:

Firefox

119.0
CARDINAL

Encrypted Client Hello Support

Firefox

119
CARDINAL

supports

Encrypted Client Hello
PERSON

officially now. You can check out the full article on the introduction.


Encrypted Client Hello
PERSON

improves the privacy of connections by encrypting information about the domain name during connection attempts. Previously, anyone listening in on network traffic, including ISPs, could monitor the information.

Some ISPs sell information about user activity on the Internet, others may use

DNS
ORG

-based blocking to prevent access to certain sites. With

Encrypted Client Hello
PERSON

,

DNS
ORG

-based blocking is no longer effective.

Note that servers need to support this well to work.

Privacy Improvements

Mozilla implemented several privacy enhancements in

Firefox 119
LAW

. The

two
CARDINAL

core additions are the partitioning of

Blob
PERSON

URLs and limited visibility of fonts that websites have access to.

The

first
ORDINAL

mitigates a potential tracking vector that

third
ORDINAL

-parties may utilize for tracking purposes. This was the only state partitioning test at Privacy Tests that Firefox failed at.

The limitation of fonts improves

Firefox
ORG

‘s defenses against font fingerprinting by restricting sites to system fonts and language pack fonts.

Firefox View displays more content

A click on the Firefox View icon in the leftmost section of the tab bar displays the interface.

Firefox users see all content there now from all open browser windows. Synced tabs will also show up and the browsing history can now be sorted by date or site.

Other changes and fixes

Storage Access API updated "to improve security while mitigating website breakages".


Firefox
ORG

‘s

PDF Viewer
ORG

is getting options to add images and alt text. This is rolling out gradually to the entire population.

Firefox may now import some extensions from

Google Chrome
ORG

when migrating data.

Recently closed tabs persist between sessions, if automatic session restore is not enabled.

Media sniffing is no longer applied to files served as type application/octet-stream.


Windows
PRODUCT

users may notice that the mouse pointer is no longer displayed. This happens if a specific mouse properties setting (Hide pointer while typing) is enabled on the system.

Firefox is now available in

Santali
GPE

.


Mozilla
ORG

fixed a scroll position jumping issue on

Facebook
ORG

.

Developer changes

The <input> element no longer supports the non-standard mozactionhint attribute.

The attr() CSS function fallback value is now supported.

The Object.groupBy() and Map.groupBy() static methods are now supported.

The

SVG
ORG

attributes that accept a <length> value now support level

3
CARDINAL

length CSS data types for all SVG elements.

The credentialless directive of the Cross-Origin-Embedder-Policy HTTP response header is now supported on desktop platforms.


The Credential Properties Extension
ORG

(credProps) of

the Web Authentication API
LAW

is supported.

The getAuthenticatorData(),

getPublicKeyAlgorithm
PERSON

(), and getPublicKey() methods of the AuthenticatorAttestationResponse interface are now supported.

Enterprise changes

Security updates / fixes


Mozilla
ORG

patched a total of

11
CARDINAL

different security issues in

Firefox 119
LAW

. The aggregate severity rating is high, but none of the issues appears to be exploited in the wild.

Outlook

Firefox 120 and

Firefox
ORG

ESR 115.5 will be released on

November 21, 2023
DATE

.

Firefox extension reviews and news

Recent Firefox news and tips

Additional information / resources

Summary Article Name Firefox

119
CARDINAL

ships with security fixes and privacy enhancements

Description Firefox
ORG


119
CARDINAL

Stable ships with security fixes, several privacy enhancements and new features that are non-security related. Author

Martin Brinkmann
PERSON

Publisher Ghacks Technology News Logo

Advertisement