Firefox 13.0.1 Update

Published: 2012-06-20. Last Updated: 2012-06-21 21:10:54 UTC
by Raul Siles (Version: 2)
4 comment(s)

UPDATE: Thanks to Toni, we got specific details about Firefox 13.0.1 on Ubuntu, including fixes for several security issues: http://www.ubuntu.com/usn/usn-1463-3/. When I published the original ISC post, the Ubuntu Firefox 13.0.1 package was not available yet, although the official one for Windows obviously was (even a few days before). Interesting...

A new version of Firefox, 13.0.1, was released today. Although the official release notes say that various security issues have been fixed in this version, by looking at the official security advisories for Firefox I couldn't find any new advisories specifically for 13.0.1, as all them (from MFSA 2012-34 to 2012-40) were fixed in version 13.0 (although unfortunately, the official release notes for Firefox 13.0 do not include the security fixes reference). We already announced these a couple of weeks ago.

In any case, be sure you get the update (via the automatic method or manually) and that it is properly applied (it includes a few functional fixes).

If you have more specific security details regarding 13.0.1 (if any), please share them through our contact page.

----
Raul Siles
Founder and Senior Security Analyst with Taddong
www.taddong.com

4 comment(s)

Comments

The release notes are a little confusing, as you say, but the changes between 13.0 and 13.0.1 are indeed only the three changes marked "fixed in 13.0.1".

Being open source, this can be verified by looking at the push log ( http://hg.mozilla.org/releases/mozilla-release/pushloghtml?startdate=2012-06-01&enddate=2012-06-15 ) which just shows those 3 fixes and a couple of other testing/infrastructure changes which aren't part of the Firefox code.

But everyone should update anyway.
The patch and a new full version of 13.01 were actually available since last friday. I installed it then and it has been working ok on my systems.

Apparently it was mainly to fix a bug with the latest update of flash player, as some ppl were having crash issues with FF 13 and the new flash updates. You'll notice on adobe's page for troubleshooting flash problems was updated and mentions this as well as how to disable the new protected mode for flash.

http://forums.adobe.com/message/4481693

http://forums.adobe.com/thread/1018071

Any news regarding Firefox ESR? It looks like ESR 10.0.5 is still current. I believe ESR 10.0.5 shipped at the same time as 13.0. Perhaps these are 13.x-only issues?
I'd meant to post the ESR Security page:
<a href="https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html">https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html</a>

Diary Archives