Firefox 105.0.2 fixes 5 different issues in the browser
Mozilla plans to release Firefox 105.0.2 Stable later today. The non-security update addresses five different issues in the browser, including a potential browser deadlock.
If you are reading this on October 4, 2022, Firefox 105.0.2 may not yet be released. The update will be published later today.
Firefox includes automatic update functionality to download and install updates without user interaction; this does not happen in real-time though. A manual check for updates is an option to install updates earlier.
To do that, select Menu > Help > About Firefox. Firefox opens a small window with information about the installed version. It runs a check for updates furthermore to download and install the latest update.
Firefox 105.0.2: the changes
Firefox 105.0.2 includes a single major fix and four lesser fixes. The main issue affects the loading of some sites in the browser's Safe Mode. Firefox users may enable Troubleshoot Mode under Menu > Help > Troubleshoot Mode to run the browser without extensions, themes and custom settings.
Designed to troubleshoot issues in the browser, it requires a restart before it becomes the active mode.
According to the bug report on Bugzilla, the loading of some sites stalls permanently in Troubleshoot Mode. The issue depends on the browser's font configuration and site content, according to Mozilla. Only Firefox instances with the shared font list disabled appear affected by the issue.
Firefox users may set gfx.e10s.font-list.shared to false in the advanced configuration to disable the shared font list.
Two of the fixed bugs address styling issues in the browser. The first issue affected the styling of sidebars of some add-ons in Private Browsing Mode, the second resolved issues with dynamic appearance changes.
- Fixed a bug causing some dynamic appearance changes to appear when expected
- Fixed a bug causing theme styling to not be properly applied to sidebars for some add-ons in Private Browsing Mode
The fourth bug fix addresses a poor contrast issue on Linux systems. Some menu items "with certain themes" had a poor contrast. The final fixed a scrollbar appearance issue on right-to-left locales.
The official release notes will be updated later today (if you are reading this on October 4, 2022).
Firefox 105.0.2 is the second point release of Firefox 105. The first restored the original focus behavior of the browser, which Mozilla changed in the Firefox 105 release.
Excellent as always!
But wait! And remember – I AM a Firefox user. Why aren’t we hearing the same “outrage” about the insecurities found in Firefox, that we do in Chrome or Edge? Come on people. At least let’s be consistent.
Just wait patiently and you will see that these few are far more serious than over 50 CVEs fixed in chrome last month. It’s obvious that there are more undiscovered in FF and naturally far more dangerous as it does not have a sandbox. Because it’s logical that hackers, scammers etc are targetting and searching for holes in the less popular browser.
Don’t forget Firefox has only 3% market share and to make any comparison with Chrome you have to multiply any discovered issues with 20. So technically Firefox had 100 issues solved in this update while Chrome only had 57 CVEs. Plus Firefox has right-wing bias, sugar daddy issues, no soapbox.
> in FF and naturally far more dangerous as it does not have a sandbox
Sorry, that’s BS. Of course, Firefox has a comprehensive sandbox – see https://wiki.mozilla.org/Security/Sandbox
Secondly, parts of Firefox are written in Rust. I know that some people here belittle that as only a small of the code is written in Rust (about 10%) – but it’s a crucial part of the browser, namely the rendering engine (WebRender). And since both Google and Microsoft found in their research that about 70% of all vulnerabilities are caused by exactly the flaws which prevented by Rust, this surely makes a difference.
Who is this “we” single users keep talking about? There is no “we”, but our own subjective opinions only. Once “we” realize this, an online discussion can be more laid back.
I for one do not care about Chrome, nor do I have to add to these needless fanboy discussions.
“We” are most Ghacks comment posters. Please don’t tell me that you can’t see what I’m citing.
Jody, there is no need to talk to these guys. They are here to shill for their dying, Google-funded browser to readers using the fake news that Firefox is “more secure”. I define more secure as: “The application has exploit mitigations that make hacking it non-trivial.” They define secure as: “My browser has nominally fewer security issues reported.”
Their definition misses the mark for several reasons:
– Popularity of each given software is a major factor in what gets hacked and what doesn’t. With 80% market share, Chromium is objectively a valuable target; if you can hack it, you are statistically catching 80 out of 100 people. Firefox with a market share of a mere 3% is objectively not a valuable target / much less valuable target, so expecting adversaries to put the same time and resources into hacking Firefox vs. Chromium is a fallacy. Chromium could be 10 times as secure as Firefox and would still have a higher nominal number of security issues just due to the time, manpower and resources that go into hacking it vs. Firefox.
– How much companies invest in security research and related R&D also influences the nominal number of security issues discovered. Google has various teams including the famous Project Zero that try to hack various software including their own, many of the discovered Chromium security issues are in fact in house reports.
– The number of projects based on any given engine is also a major determinator, most browsers are based on Chromium and there are thousands upon thousands of Electron apps. All these work with the Chromium open source code, again increasing the likelihood of finding a security issue. Who works with the Firefox codebase? Only Mozilla and the undermanned Tor Project, big fat LOL to that.
– The nominal number of security issues says nothing about the severity of any given issue. A number says nothing about whether an issue was trivial to exploit or not, required physical access to the machine or not, required user interaction or not etc. Simply citing a number of issues does not cover this at all, and in reality, 5 issues rated as “severity: high” are arguably worse than 20 issues rated as “severity: low”.
I could go on, but these should already sufficiently demonstrate how ridiculous and wanting the arguments of the Firefox fanboys here are. I don’t like to talk to these, sorry, clowns, and when I see “arguments” like what @Andy Prough uttered, comparing a limited codebase like Flash that had a very limited range of functionality with an OS-sized codebase like Chromium, then I feel vindicated in my stance. This is totally ridiculous even if we ignore the evergreen fallacies cited above.
Let’s just say, if they had a good argument to make for Firefox being “more secure”, they could point at any real security feature / exploit mitigation present in the codebase. However, as these features are sorely missing, they need to try and catch stupid people via the misuse and deliberate misunderstanding of statistical likelihoods. That’s all they got.
Oh and as for your question, why does the same not happen under Firefox-related articles? Answer: Because as Chromium users, we could not care less about their dying browser, that’s why. It is that irrelevant. We also don’t suffer from the superiority complex of “fighting the good fight” – this is what these people believe, they really think their Google-funded browser is here to free the web from Google. This is fairly ridiculous, however, if you laugh at the “stakes” these people see, you are arguably making it even worse. With their Google-supported, pro-censorship, and pro-centralization browser they really believe themselves to be the heroes of the story.
With all due respect,, when you resort to name calling or personal attacks (ad hominem) you have lost the argument.
Also you say, “as Chromium users , we could not care less about their dying browser “.
If that’s the case then why are you even looking at any of these Firefox articles and often posting many comments in them ?
You mean to tell me that you never look over top the fence to see what’s going on over on the other side? I regularly investigate Vivaldi, because I want something with a customizable UI akin to Firefox. If I ever decide to leave Mozilla behind, I want choices.
Unlike Iron Heart, I do use Firefox, and yet I concur with A LOT of what he says.
> With all due respect,, when you resort to name calling or personal attacks (ad hominem) you have lost the argument.
Yeah, maybe it’s that. Or maybe I am just talking from experience and am annoyed as fuck at some point. Choose one.
> If that’s the case then why are you even looking at any of these Firefox articles and often posting many comments in them ?
In order to show others how ridiculous some arguments are, you ask for it when you post such. Don’t say stupid or false things and you will not get a negative comment from me.
>why are you even looking at any of these Firefox articles and often posting many comments in them
Quote by Iron Heart >In order to show others how ridiculous some arguments are, you ask for it when you post such. Don’t say stupid or false things and you will not get a negative comment from me.
Silly goose, don’t you know only Iron Heart is allowed to say stupid or false things?
If anything it just confirmed what many already knew or suspected, that he has a personal crusade against Firefox and feels that he is the arbiter of truth on any related comments. I wish him well with it. But suffice it to say that I will never read or reply to his comments again. I have better and more constructive things to do with my time and energy.
@Judy – >”Why aren’t we hearing the same “outrage” about the insecurities found in Firefox, that we do in Chrome or Edge?”
The chromium-based browsers are all suffering from monthly zero day exploits. That’s really really bad. Most software projects get permanently canceled when that happens.
No they don’t. Windows has experienced zero-day exploits. I’m using Windows as we speak, and it wasn’t “cancelled”
>”Windows has experienced zero-day exploits.”
Flash was canceled as a project because it had 32 zero day exploits over a 9-year period. Chromium has had 33 zero day exploits in the past 3 years alone.
because firefox fanboys are hypocrites bruh. but who cares about a dying browser anyway
No one of these fixes are security related that’s why. Read more next time * [Editor: removed, please stay polite].
I would have loved to read what “Anonymous” said that needed editing.
And to think that sudden functionally screw-ups pale in comparison to a security issuee? Like, somehow that’s better? But OK, I misread. I will read better next time Anonym…. wait, you are brave enough to state your name?
I’ll bet if the same thing was posted about a Chromium browser, you’d whine too. This is getting fatiguing.
I would like to add that my previous post was an irony.
Your browser would not have any of these issues with the big man still in charge, Brendan Eich. I still cannot believe you let a visionary and a world class talent go. With Brendan Eich in charge Firefox was beating Chrome, and IE. Now look at this so called ‘browser’. 3% market share worldwide, and further deteriorating. Even if Mozilla came to its senses and used Chromium as a base, it would be below Vivaldi in terms of market share. Why? There is already a privacy respecting browser on Chromium, it is called Brave. A pioneer in its respective field. Firefox since 2008 onwards, is a poor mans copy of Brave. Oh it’s true! It’s dam true!
I’m pretty sure Chrome took over Firefox way before Eich left Mozilla.
Firefox is better than Brave.
Everything woke turns to s—.
I can’t wait for Firefox to get its UI updated again to simulate being alive. Because the only people that need UI change to feel something is happening over there aren’t too bright to begin with.
“I can hold it.” “I’m alright.”
I have been using ff for a long time on the PC.
There used to be an easy way to move your ff profile.
I moved from 20.3 to mint 21 and found it very cumbersome to move the profile with all bookmarks etc.
In google chrome it is a matter of logging in. Done.
Why can’t ff have a similar way of moving your browser data?
@ Klaus; I find that a bit puzzling. I must assume (dangerous thing to do,no?) that you did a fresh install. I went from 20.3 to 21 using the upgrade path provided and had no trouble with profiles. I also don’t have accounts activated on any browser I use. (FF, Chromium, Pale Moon, Waterfox-using primarily FF).