Tux Machines

Mozilla/Firefox: Release, Patch, Nightly, and EasyOS

Posted by Roy Schestowitz on Oct 20, 2022

Ubuntu Touch development - Wanna sponsor ARM64 CPU power for CI build infrastructure?

Videos and More: EndeavourOS 22.9, Linux Action News, and New Ubuntu

Firefox 106 Brings PDF Annotation - Gesture Nav to Linux - OMG! Ubuntu!

↺ Firefox 106 Brings PDF Annotation - Gesture Nav to Linux - OMG! Ubuntu!

> I’ve been a bit busy with site design changes and Ubuntu 22.10 release content writing so I missed Firefox 106 being release released.

> And, y’know what? Firefox 106 is actually a pretty meaty update, even if I’m not a fan of all of its changes. The browser’s rapid release cadence means big new features are few and far between, or introduced slowly over several releases.

> Not so here — let’s take a look.

Mozilla Releases Security Updates for Firefox | CISA

↺ Mozilla Releases Security Updates for Firefox | CISA

> Mozilla has released security updates to address vulnerabilities in Firefox ESR and Firefox. An attacker could exploit these vulnerabilities to cause denial-of-service conditions.

Security and Correctness in Wasmtime

↺ Security and Correctness in Wasmtime

> The essence of software engineering is making trade-offs, and sometimes engineers even trade away security for other priorities. When it comes to running untrusted code from unknown sources, however, exceptionally strong security is simply the bar to clear for serious participation: consider the extraordinary efforts that Web browser and hypervisor maintainers take to preserve their systems’ integrity. WebAssembly runtimes also run untrusted code from untrusted sources, and therefore such efforts are also a hard requirement for WebAssembly runtimes.

> WebAssembly programs are sandboxed and isolated from one another and from the host, so they can’t read or write external regions of memory, transfer control to arbitrary code in the process, or freely access the network and filesystem. This makes it safe to run untrusted WebAssembly programs: they cannot escape the sandbox to steal private data from elsewhere on your laptop or run a botnet on your servers. But these security properties only hold true if the WebAssembly runtime’s implementation is correct. This article will highlight the ways we are ensuring correctness in the Wasmtime WebAssembly runtime and in its compiler, Cranelift.

> This is our second blog post leading up to Wasmtime’s upcoming 1.0 release on September 20th, 2022. The first blog post focused on Wasmtime’s performance. We’re ready to release Wasmtime 1.0 because we believe not only that it solidly clears the bar for security and correctness, but also that we have the momentum, processes, and multi-stakeholder investment in place to keep it that way in the future.

Firefox Nightly: A new release, a new button and much more – These Weeks in Firefox: Issue 126

↺ Firefox Nightly: A new release, a new button and much more – These Weeks in Firefox: Issue 126

HTML-NOTEPAD WYSIWYG HTML editor

↺ HTML-NOTEPAD WYSIWYG HTML editor

> To bring it back, something else very big has to go. Easy has both Firefox and SeaMonkey, which is too much of a luxury, one will have to go.

gemini.tuxmachines.org