Firefox Update Fixes Three Critical Flaws

Mozilla yesterday released Firefox version 3.5.6. The update resolves three critical security holes, and also patches up some stability issues.

An integer overflow flaw in the libtheora video library picks up a fix, as does a memory safety concern in the liboggplay media library. The third critical fix takes care of a problem with Javascript that could allow for crashing the browser and potentially running malicious commands.

For full details on the critical fixes, as well as four other security updates rated high, moderate or low, see Mozilla's list of security advisories for Firefox 3.5. For a technical list of all the bugs squashed in 3.5.6, head to Bugzilla.

Clicking Help | Check for Updates will get you the new version, as will the browser's automatic update feature (find its settings by clicking Tools | Options, then select Advanced and the Update tab).

Subscribe to the Security Watch Newsletter

Comments