Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Firefox Mozilla Network Networking Privacy Security Software The Internet

Mozilla Firefox 52 Released As ESR Branch, Will Receive Security Updates Until 2018 (softpedia.com) 91

prisoninmate quotes a report from Softpedia: Back in January, we told you that the development of the Mozilla Firefox 52.0 kicked off with the first Beta release and promised to let users send and open tabs from one device to another, among numerous other improvements and new features. Nine beta builds later, Mozilla has pushed today, March 7, the final binary and source packages of the Mozilla Firefox 52.0 web browser for all supported platforms, including GNU/Linux, macOS, and Windows. The good news is that Firefox 52.0 is an ESR (Extended Support Release) branch that will be supported until March-April 2018. Prominent features of the Mozilla Firefox 52.0 ESR release include support for the emerging WebAssembly standard to boost the performance of Web-based games and apps without relying on plugins, the ability to send and open tabs from one device to another, as well as multi-process for Windows users with touchscreens. With each new Firefox release, Mozilla's developers attempt to offer new ways to improve the security of the widely-used web browser across all supported platforms. Firefox 52.0 ESR implements a "This connection is not secure" warning for non-secure pages that require user logins, along with a new Strict Secure Cookies specification.
This discussion has been archived. No new comments can be posted.

Mozilla Firefox 52 Released As ESR Branch, Will Receive Security Updates Until 2018

Comments Filter:
    • My bookmarks bar is invisible on start up and in every new private window. The only way to show it is to hide and then unhide it.
    • The settings button (three horizontal bars) doesn't work. You click it - nothing happens
    • Firefox doesn't restore saved windows/tabs from the previous session even though it's what my preferences say: Show my windows and tabs from last time.
    • Firefox has reset my lightweight theme (luckily I have a backup).

    The worst update ever. I'm horrified by the prospect of upcoming Firefox 5

    • by Anonymous Coward

      As another AC pointed out, the previous ESR is still supported until mid-June (and you don't have to stop using it as soon as its support ends).

      I hope you consider submitting those bugs to Bugzilla [mozilla.org], because you seem to be quite good at identifying and articulating the problems you experience.

      • by Artem S. Tashkinov ( 764309 ) on Tuesday March 07, 2017 @08:48AM (#53991793) Homepage

        Nowadays Mozilla devs have a peculiar way of treating new bug reports: first, they offer you to disable all add-ons, then reset all settings, then try a fresh profile. I don't like any of these "options".

        Alas, that's what I'm going to do, because Firefox is still the best web browser out there. Too bad, it's headed in the direction of becoming a Chrome clone.

        • by Tranzistors ( 1180307 ) on Tuesday March 07, 2017 @09:11AM (#53991925)

          All that resetting is necessary to help to debug. If the bug is in add-ons, then it should be reported to the add-on developers. If it is really a fault of Mozilla, add-on developers should report it, since they will probably have a better insight of what exactly has gone wrong.

          Similar with settings. If you have messed with about:config, it is nigh impossible for Mozilla to test all the permutations, or provide reasonable upgrade path to all of them.

          In my workplace, we have similar issues, but we solve them by selling support. Since you get FF for free, it would be unreasonable to expect them to handle your specific configuration.

        • Comment removed based on user account deletion
          • I switched nearly 2 years ago and I can tell you its really good

            Quantify "really good" for compsci nerds.

            How many security updates have Pale Moon Devs done since "2 years ago"? The internet seems to unfortunately be a moving target. You'd think they'd run out of bugs eventually =-)

            I ask these questions as someone who has frozen at an earlier FF (51?) on my personal desktop, and doesn't bother with it at all for work development, and is saddened by it.

            I just don't think the Pale Moon team has the manpower to keep up.

            • > How many security updates have Pale Moon Devs done since "2 years ago"?

              Check their announcements page https://forum.palemoon.org/vie... [palemoon.org] Since 2015/03/13 they've released 25.3, 25.3.1, 25.3.2, 25.4, 25.4.1, 25.5, 25.6, 25.7.0, 25.7.1, 25.7.2, 25.7.3, 25.8, 25.8.1, 26.0, 26.0.2 (Note; 26.0.1 "internal only"), 26.0.3, 26.1.0, 26.1.1, 26.2.0, 26.2.1, 26.2.2, 26.3.0, 26.3.1, 26.3.2, 26.3.3, 26.4.0, 26.4.0.1 (yes), 26.4.1, 26.5.0, 27.0.0, 27.0.1, 27.0.2, 27.0.3, 27.1.0, 27.1.1, and 27.1.2

              That sounds like ke

        • by Waffle Iron ( 339739 ) on Tuesday March 07, 2017 @09:29AM (#53992051)

          Nowadays Mozilla devs have a peculiar way of treating new bug reports: first, they offer you to disable all add-ons, then reset all settings, then try a fresh profile. I don't like any of these "options".

          Let's say you bring your pickup truck to the Ford dealer for warranty repairs because you claim it "handles like crap".

          If they tell you to first remove the after-market 6-inch lift kit and 35-inch off road-tires that you installed, would that be unreasonable?

          • by Anonymous Coward

            Let's say the 6" lift kit and 35" off-road tires are used by > 50% of Ford truck owners. Would it be reasonable to assume Ford has some interest in making it work well with that setup?

            • by SeaFox ( 739806 )

              Let's say the 6" lift kit and 35" off-road tires are used by > 50% of Ford truck owners. Would it be reasonable to assume Ford has some interest in making it work well with that setup?

              Not if they are after-market parts -- you're putting Ford in the position of keeping track of what the aftermarket mod industry is doing. That's a classic case of the tail wagging the dog. Ford builds the truck to perform a certain way as they built it. If the owner adds a bunch of crap to it Ford had no design input on, they can't hold Ford responsible if the truck no longer performs the same.

              If that suspension change was so popular, Ford would start offering the truck in that configuration from the factor

          • by Anonymous Coward

            The more accurate car analogy would be for you to remove the non-manufacturer provided tires you got from their approved retail partners, then delete your radio station presets and move your seats back to their initial positions, then replace the body with a new one.

            I agree with the GP, if the problem is with the engine, fix the engine.

    • by Artem S. Tashkinov ( 764309 ) on Tuesday March 07, 2017 @09:17AM (#53991969) Homepage

      For anyone who has the same problems (they are all caused by the same add-on): the culprit is

      Status-4-Evar

      Disable it and Firefox becomes functional, albeit without a status bar. I'm now trying to understand what status bar add ons still work with Firefox 52 (the status bar was removed aeons ago because Firefox developers believe no one needs it).

      • While we are at it, I've found it:

        The Addon Bar (Restored) [mozilla.org] still works. Hopefully slashdotters will forgive me for 100+ messages in the comments section.

        • This add-on also breaks Firefox. So far there are no functional status bar addons for this version. :-(
          • by trawg ( 308495 )

            I seem to have a functional status bar, just using Classic Theme Restorer!

            • Fun fact, I eventually tried Classic Theme Restorer and found it looked like ass anyway, like it didn't play well with the GTK theme and had some "default" looking colors or shape that would work fine on the Windows 7 x64 SP1 that everyone uses except linux users. The configuration GUI looks like a space shuttle simulator, which is why I went not far and moreover the Firefox 4 GUI isn't that "classic" to me. But I don't want to flame the authors or the users!

              Hopefully Firefox moves on in a good way. After X

    • by trawg ( 308495 )

      So I read your post in fear, backed up via MozBackup, and then upgraded to see what would happen.

      Luckily I had none of the problems you did - except the font rendering has changed. This seems to be a global thing - tab titles look a little different (I think), but most notably almost every page I go to looks a little off - like the fonts aren't being smoothed properly, or something.

      Super noticable on text heavy sites (like Gmail and Slashdot).

      After the usual amount of fucking around trying to find what it w

    • by eam3 ( 962365 )
      I got lucky then. I updated to 52.0 and my bookmarks are fine (even in private mode), my add-ons are fine and it's working just like it was before. That's only on one computer though, have not tried it at home yet (Windows10/Linux Mint 18.1).
  • by Anonymous Coward

    Phew, for a moment I thought it was an Eric S. Raymond branch ...

  • by tepples ( 727027 ) <.tepples. .at. .gmail.com.> on Tuesday March 07, 2017 @08:30AM (#53991711) Homepage Journal

    Firefox 52.0 ESR implements a "This connection is not secure" warning for non-secure pages that require user logins

    Imagine for a moment that you're seeing this notice on your home NAS. You'd consider making it secure, but a secure page requires a TLS certificate. Because friends and family bring their own smartphones, tablets, or laptops to access your home server, you don't want them to have to first install an internal root certificate. A TLS certificate that others already trust requires a domain because the CA/Browser Forum's Baseline Requirements forbids issuing a certificate for a made-up TLD or a private IPv4 address (such as 192.168/16). So now it appears everyone with a home server will have to buy a domain in order to make this go away.

    • Oh, they should be informed that anyone on the network can sniff their password (which they most probably reuse). Even if they trust you to store it properly, they should not trust anyone else listening.
    • Just be glad you're not using professional networking gear that gets installed and then stays mostly untouched for years. A lot of gear that is still in use dates from the era when plugins were necessary to do just about anything graphical in a browser-based UI, and all of them just broke completely with the removal of NPAPI support. (There is a note on the Mozilla web site that the ESR for 52 doesn't have this limitation, so it looks like anyone in that position has about a year more before Firefox won't s

  • How Firefox's market share risen above 10% yet? What is Mozilla doing to make Firefox more compatible with sites that work well on other browsers?

    .
    https://www.netmarketshare.com... [netmarketshare.com]

    • by Anonymous Coward

      According to netmarketshare it's 11.7% if the desktop market using Firefox, which is over 10%. The number you pulled included ONLY version 51. You left our everyone using ESR, all the people with up-to-date Developer Edition, and everyone who hadn't yet received the then-latest update.

      https://www.netmarketshare.com/browser-market-share.aspx?qprid=0&qpcustomd=0

      • According to netmarketshare it's 11.7% ...

        Thanks for the update.... Now, about those rendering issues...

  • By setting security.enterprise_roots.enabled to true FF will check the Windows Certificate Store for CAs that can be pushed via GPO, so it should integrate more easily with Enterprise setups.
  • by Anonymous Coward

    The main sources of online vulnerabilities have been Java, Flash, Silverlight, Adobe PDF plugin, and of course javascript. Running executable code in the browser is not a good idea. So how is it that so many people think adding a new vulnerability is a good idea? The reason, of course, is services and the possible profit from them. I will not be using a browser with WebAssembly built in.

    • The reason, of course, is services and the possible profit from them.

      Your paranoia has crossed over into pure nonsense here. Anyway, WebAssembly is easier to audit for security problems than a JavaScript JIT, so as JavaScript moves to WebAssembly as a backend you'll have even better security.

      I will not be using a browser with WebAssembly built in.
      . :rolleyes:

  • As of March 2PM Eastern time, the official Mozilla Firefox ESR site

    https://www.mozilla.org/en-US/... [mozilla.org]

    is still offering ESR 45.8.0 and NOT esr 52.0.0

    Please notice that TFA links to their own download site and NOT Mozilla's

    ----------

    As per the NPAPI support:

    NPAPI support is there in the code, since the NPAPI Flash plug-in still works. Is only that Mozilla's developers decided to disable it for all other plugins.
    Plugins that do not use NPAPI are failing because Firefox is slowly rolling out multiplrocess (proje

    • I've been on Nightly and Firefox Developer (Auora) for 3 - 4 years. All of the necessary Add-ons work just fine. I got rid of all of QuickSaver's extensions as he pre-announced that he wasn't going to support them any longer due to the upcoming FF 57.

      Activity Stream (Mozilla)
      Copy All Tab Urls WE
      Enpass Password Manager
      Greasemonkey
      Multiple Tab Handler
      Page Shot (Mozilla)
      Session Manager
      SnoozeTabs (Mozilla)
      Stylish
      Stylish-Custom
      Tabhunter
      Test Pilot (Mozilla)
      Tree Style Tab
      uBlock Origin
      uMatrix
      Vertical

  • Hi all! I just added Firefox 52 to Browserling. You can try this latest Firefox version without installing right from your browser via this link:

    www.browserling.com/firefox/52/slashdot.org [browserling.com]

    We run the browsers in virtual machines and stream them to your browser. If the demand is too high then you'll have to wait in a queue for a while to try it. I'm adding more virtual machines right now to let more people try it without waiting.

  • When I saw there was an ESR branch, my first thought is that they had renamed it to GNU/Firefox.

We are Microsoft. Unix is irrelevant. Openness is futile. Prepare to be assimilated.

Working...