Mozilla Firefox has released version 139 with new features including customizable new tab backgrounds, enhanced built-in translation for extension pages, and link preview functionality. Multiple security updates address memory safety, cross-origin leaks, potential code execution vulnerabilities, and encryption improvements. #Firefox139 #MFSA #CVE2025-5263 #LinkPreviews
Keypoints
- Firefox 139 introduces customizable new tab backgrounds allowing users to upload any image as background.
- The built-in translation feature now supports internal extension pages starting with moz-extension://.
- Link preview functionality shows thumbnails, titles, and summaries of linked resources when holding Shift+Alt keys before clicking.
- Several critical security vulnerabilities were fixed, including double-free issues in libvpx encoder and improper script execution isolation allowing cross-origin leaks.
- The “Copy as cURL” command was patched to prevent potential local code execution from insufficient escaping of newline and ampersand characters.
- Memory safety bugs affecting Firefox 138 and ESR versions were addressed, eliminating risks of arbitrary code execution.
- A clickjacking vulnerability that could leak saved payment card details was resolved, and encrypted DNS handling was improved to ensure SNI encryption.
Read more: https://wezard4u.tistory.com/429500