Firefox version 3.0.6 has just been released to fix several security and stability issues. Update to the Ubuntu version of Firefox should be available soon. Some of the changes noted are:
In previous versions of Firefox, some users experienced a problem where parts of the screen were not properly displaying after Firefox was open for long periods of time.
Improved the ability for scripted commands (including those included in popular extensions like Adblock Plus) to work properly with plugins. (bug 438830)
Removed the client user ID from crash reports.
Fixed issues with the display of some Indic scripts.
The security fixes included in Firefox version 3.0.6 is listed below:
- Directives to not cache pages ignored
- XMLHttpRequest allows reading HTTPOnly cookies
- Chrome privilege escalation via local .desktop files
- Local file stealing with SessionStore
- XSS using a chrome XBL method and window.eval
- Crashes with evidence of memory corruption (rv:22.214.171.124)