mozilla Firefox 43: Find out what is new

[vissha]

Firefox 43: Find out what is new

 

The Firefox 43 release overview guide lists new features, updates and changes that went into the desktop and mobile version of Firefox.

 

Firefox 43's official release data is December 15, 2015. This overview provides you with information about new features, updates, and changes in the new version of the web browser for the desktop and Android.

 

All Firefox channels are updated on the day. This means that Firefox Beta, Developer Edition and Nightly versions of the browser are updated as well.

 

To be precise, Firefox Beta is updated to 44, Firefox Developer Edition to 45, Firefox Nightly to 46, and Firefox ESR to 38.5.

The information provided by this article covers only the Firefox Stable update and no other version.

 

Executive Summary

• Add-on signing is enforced in Firefox 43, but it can be disabled with a configuration switch in this version.
• Firefox 64-bit Stable is now officially available.
• A second block list that is stricter has been added to the browser's tracking protection feature.

 

Firefox 43 download and update

 

 

Mozilla Firefox 43 will be made available via the browser's automatic update mechanism. You can run a manual check for updates at any time by tapping on the Alt-key on your keyboard, and selecting Help > About from the menu at the top.

 

The browser queries a Mozilla server when you do and will download the update or prompt you to do so depending on how you have configured the browser.

 

New Firefox releases are available directly from Mozilla as well. There you find stub installers (which require an Internet connection during installation), and full offline installers which don't.

1. Firefox Stable download
2. Firefox Beta download
3. Firefox Developer download
4. Nightly download
5. Firefox ESR download

 

Firefox 43 Changes

 

Add-on signing enforcement

 

 

Firefox 43 is the first version of the browser that enforces add-on signing. The browser will block the installation of add-ons that are not signed.

 

Mozilla planned to launch the feature with Firefox 40 initially but postponed it to Firefox 43 instead. Please note that this will affect already installed add-ons as well.

 

Firefox 43 ships with an override to install unsigned add-ons in the browser.

1. Load about:config in the browser's address bar.
2. Confirm you will be careful if the prompt appears.
3. Search for xpinstall.signatures.required.
4. Double-click the preference to set it to false.

 

Mozilla plans to remove the preference in Firefox 44.

 

The idea is to eliminate the majority of malicious or invasive add-ons by requiring them to be signed so that they can be installed in Firefox.

 

Add-on signing has been criticized as ineffective.

 

Search Suggestions in address bar opt-in prompt

 

 

When you run a search in Firefox 43 for the first time after upgrading to the version you may receive a search suggestions prompt in the address bar.

 

It asks you if you want to enable search suggestions in the browser and links to a resource page with additional information.

 

If you accept, everything that you type -- with the exception of hostnames and urls -- is sent to the default search engine which then returns a list of suggestions based on that text.

 

Search Suggestions are disabled in private browsing mode automatically. You can edit the preference directly in Firefox as well:

1. Load about:preferences#search in the browser's address bar.
2. Check, or uncheck, the "show search suggestions in location bar results.

Second Block List for Tracking Protection

 

 

A second blocklist has been added to the browser's Tracking Protection feature. The feature blocks trackers and scripts automatically when you connect to sites, and works similar to adblockers in this regard.

 

The focus is on blocking user tracking however and not disabling all advertisement or other annoyances on the Internet.

 

You can check and enable the second list in the following way:

1. Load about:preferences#privacy in the browser's address bar.
2. Click on the "Change Block List" button under the tracking header.
3. Select one of the available lists there.

 

You are probably wondering how they differ:

1. Disconnect.me basic protection: blocks trackers but has been designed for maximum compatibility so that websites you visit function properly.
2. Disconnect.me strict protection: blocks more trackers but may impact the functionality of some sites.

 

Other changes

• Firefox Stable 64-bit is now officially available. It only supports Flash and Silverlight as plugins.
• WebRTC streaming on multiple monitors.
• GTK3 integration (GNU/Linux only).
• On-screen keyboard displayed on selecting input field on devices running Windows 8 or greater.
• Improved Big5 support for Hong Kong supplementary characters on Windows XP.

 

Developer Changes

• Access to Web Storage (i.e. localStorage and sessionStorage) from third-party IFrames is now denied if the user has disabled third-party cookies
• Display Server-side messages in the console.
• Improved API support for m4v video playback.
• Network entries in the console link to the network monitor.
• Overriding CSS declarations have a magnifying glass next to them. A click on it shows only the rules that set the same property which makes it easy to see which rule is overriding the declaration.
• Server logging in the web console.
• Use in Console in Inspector.
• WebIDE has a sidebar UI now.

 

Firefox for Android

 

Only features unique to the Android version of Firefox are listed here.

• Accessibility improvements (TalkBack, BrailleBack)
• Firefox for Android displays audio indicators in the tab list.
• Reading List panel supports marking the read state of items.
• Toolbar menu updated to match "latest Android UI designs".
• Cloud printing support using the Android print service.
• URL is included when text is shared from web pages.

 

Security updates / fixes

 

Security updates are disclosed after the official release. We update the article as soon as they become available.

 

Additional information / sources

• Firefox 43 release notes
• Firefox 43 Android release notes
• Add-on compatibility for Firefox 43
• Firefox 43 for developers
• Site compatibility for Firefox 43
• Firefox Security Advisories

 

Source

[dcs18]

Source

[steven36]

Anybody got a link to Firefox 38.5.0esr final  yet?  I'm testing RC build 2  none these nasty changes effects it  so seems Im  good  tell the end of Q2 2016 using  ESR..

[Kalju]

32 minutes ago, steven36 said:

Anybody got a link to Firefox 38.5.0esr final  yet?  I'm testing RC build 2  none these nasty changes effects it  so seems Im  good  tell the end of Q2 2016 using  ESR..

If it somewhere in the Firefox server exists, can always find using this link:

https://download.mozilla.org/?product=firefox-38.5.0esr-SSL&os=win&lang=en-US

If You need other language, simply change en-Us with desired language code.

[ASIO]

no java support in 64bit

[Pequi]

1 hour ago, Kalju said:

If it somewhere in the Firefox server exists, can always find using this link:

https://download.mozilla.org/?product=firefox-38.5.0esr-SSL&os=win&lang=en-US

If You need other language, simply change en-Us with desired language code.

 

Or just download http://ftp.mozilla.org/pub/firefox/releases/latest-esr/README.txt

 

All releases can be found here:

http://ftp.mozilla.org/pub/firefox/releases/

Except for the latest ESR ... go figure.

 

[steven36]

1 hour ago, ASIO said:

no java support in 64bit

They plain to do away with java  plugin  soon for  x86  as well

 

And none of these links work for new EsR  they one they give is  the old one ..its  not out  yet.. once its out  will be here

https://download-installer.cdn.mozilla.net/pub/firefox/releases/

 

Im using rc build 2 tell it shows up.

[steven36]

9 hours ago, steven36 said:

 

 

And none of these links work for new EsR  they one they give is  the old one ..its  not out  yet.. once its out  will be here

https://download-installer.cdn.mozilla.net/pub/firefox/releases/

 

Im using rc build 2 tell it shows up.

Its out now 

https://download-installer.cdn.mozilla.net/pub/firefox/releases/38.5.0esr/

 

RC build 2 was the final

[straycat19]

 Once they remove java support they might as well quit developing it since all educational institutions have web based programs that require java.   As well as a lot of corporate programs.  Since everything started going web based 10 years ago there is hardly any installed software on university campuses anymore, it is all web based and requires java.  This gives IE an immense boost in popularity simply because it will be the only one that works.

[steven36]

24 minutes ago, straycat19 said:

 Once they remove java support they might as well quit developing it since all educational institutions have web based programs that require java.   As well as a lot of corporate programs.  Since everything started going web based 10 years ago there is hardly any installed software on university campuses anymore, it is all web based and requires java.  This gives IE an immense boost in popularity simply because it will be the only one that works.

someone ask them about this  they told them if they must use java for work  they should install and old build of Firefox in a VM

 

One option  to get support  and not have to use  and very old browser  would  be use Slimjet.

Missing Support of Java and Silverlight in Chrome? Get Slimjet instead!  http://www.slimjet.com/en/lp/java-silverlight-support-in-chrome.php

 

I would have done switched to Slimjet because it has some neat privacy features that other chrome browsers don't have . But due to a few add-ons in Firefox im stuck using  EsR but once the 2Q of 2016 comes and they stop supporting v38 EsR  . Im going  have to  use palmoon are something  just to get the support i need  and still get security updates .

 

 

[uVSthem]

No support for the Google Hangouts plugin with Firefox x64. I kind of need that and Java so it looks like I am stuck in a 32bit world.

[steven36]

9 minutes ago, uVSthem said:

No support for the Google Hangouts plugin with Firefox x64. I kind of need that and Java so it looks like I am stuck in a 32bit world.

If youre lucky you will have about a year using x86  if you need Java

Mozilla announced some time ago that it will retire NPAPI support in Firefox at the end of 2016.

https://blog.mozilla.org/futurereleases/2015/10/08/npapi-plugins-in-firefox/

 

[DKT27]

Not sure why Java is not supported as Java also comes in 64bit version.

[BALTAGY]

This version stop working for a few seconds ( 5s ) many times in every site i open, back to v42.0 everything is fine

[Reefa]

http://www.securityweek.com/mozilla-patches-critical-flaws-release-firefox-43?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+Securityweek+(SecurityWeek+RSS+Feed)

 

 

 

 

[Batu69]

Impact key

• Critical Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
• High Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
• Moderate Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
• Low Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs. (Undetectable spoofs of SSL indicia would have "High" impact because those are generally used to steal sensitive data intended for other sites.)

December 15, 2015

• MFSA 2015-149 Cross-site reading attack through data and view-source URIs
• MFSA 2015-148 Privilege escalation vulnerabilities in WebExtension APIs
• MFSA 2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright
• MFSA 2015-146 Integer overflow in MP4 playback in 64-bit versions
• MFSA 2015-145 Underflow through code inspection
• MFSA 2015-144 Buffer overflows found through code inspection
• MFSA 2015-143 Linux file chooser crashes on malformed images due to flaws in Jasper library
• MFSA 2015-142 DOS due to malformed frames in HTTP/2
• MFSA 2015-141 Hash in data URI is incorrectly parsed
• MFSA 2015-140 Cross-origin information leak through web workers error events
• MFSA 2015-139 Integer overflow allocating extremely large textures
• MFSA 2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed
• MFSA 2015-137 Firefox allows for control characters to be set in cookies
• MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation
• MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects
• MFSA 2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)

 

Mozilla Foundation Security Advisories

[BALTAGY]

5 hours ago, BALTAGY said:

This version stop working for a few seconds ( 5s ) many times in every site i open, back to v42.0 everything is fine

I found the problem it was Google Redesigned addon disable it fixed the problem

[steven36]

2 hours ago, BALTAGY said:

I found the problem it was Google Redesigned addon disable it fixed the problem

 

7 hours ago, BALTAGY said:

This version stop working for a few seconds ( 5s ) many times in every site i open, back to v42.0 everything is fine

If you ever want downgrade use ESR version they patch the same  security bugs in it as in the main version , This will stop any changes you  don't like up tell the end of the 2nd quarter of 2016 .  I also have palemoon witch  gets updates from them I'm setting it up for after they switch to goggle's APi .

[BALTAGY]

Just now, steven36 said:

 

If you ever want downgrade use ESR version they patch the same  security bugs in it as in the main version , This will stop any changes you  don't like up tell the end of the 2nd quarter .  I also have palemoon witch  gets updates from them I'm setting it up for after they switch to goggles APi .

Personally i don't use Firefox search, i use google + my history is too important, but good advice when they start to bother me i will go to ESR

[steven36]

9 minutes ago, BALTAGY said:

Personally i don't use Firefox search, i use google + my history is too important, but good advice when they start to bother me i will go to ESR

For me i most of the time delete  all my history every so often . Its not that changing the search bothers  me so bad i have disconnect as my homepage  i could delete the search bar and just use it , it has 3 or 4 search engines . Its the fact there removing stuff i do use a lot bugs me . Its more of the principal of it that bugs me that there removing code that's not broke . Most workarounds like getting the old search back they seen it  as a bug  when many users seen it as a asset.