Firefox 3.5.2 released
The folks at Mozilla have released the second maintenance release of the ever popular Firefox web browser. Besides the usual bug fixes it also plugs several serious security issues.
Four critical security issues were addressed concerning: a chrome privilege escalation due to incorrectly cached wrapper, crashes with evidence of memory corruption, a heap overflow in certificate regexp parsing, and a compromise of SSL-protected communication. One moderate issue was addressed concerning the location bar and SSL indicator spoofing via window.open() on invalid URL. And finally one low priority issue regarding data corruption with SOCKS5 reply containing DNS name longer than 15 characters.
The major fix in this release includes proper rendering of images with ICC profiles on all monitors. But there are a lot of other fixes as well according to Bugzilla.
As always, if Firefox hasn't asked yet, you can update Firefox implicitly by selecting the "Check for Updates..." option from the Help menu. Or if you don't have Firefox installed you can get the full download from Mozilla's site.