Firefox 3.0.12 Fixes Five Critical Security Issues
Mozilla recommends its updated Firefox 3.0.12 version for its new 3.0 series in that it removes a few critical security issues.
The critical vulnerabilities resolved in Firefox 3.0.12 include those mentioned in Mozilla's Security Advisory: MFSA 2009-35 (Flash player crash and remote code execution), MFSA-2009-37 (ditto for the SVG element) and MFSA 2009-34 (memory corruption) that were vulnerable to attacks.
The MFSA 2009-37 vulnerability also affected the JavaScript-to-Chrome interface under conditions. A further MFSA 2009-36 caused heap/integer overflows in the font glyph rendering libraries. A high, if not critical, vulnerability resolved was MFSA 2009-40 involving cross-site scripting (XSS).
Further changes are described in the 3.0.12 release notes. The Mozilla site includes the fully localized downloads. The update also works with the browser's built-in update feature and Linux distro package managers.
New 3.0 series?