While everyone is waiting for the upcoming Firefox 3.6, the folks at Mozilla released yet another maintenance release of Firefox 3.5, bringing the version up to 3.5.6.

As usual with these updates, the release notes are crowded with either stability or security bug fixes. In these release three new critical labeled security holes were plugged, concerning: integer overflow, crash in libtheora video library, memory safety fixes in liboggplay media library and crashes with evidence of memory corruption. Other issues that were plugged are: NTLM reflection vulnerability, location bar spoofing vulnerabilities, privilege escalation via chrome window.opener and GeckoActiveXObject exception messages can be used to enumerate installed COM objects.

The rest of the stability bug fixes can be revised on the bug list from Mozilla, and contains a lot of crasher bug fixes. As expected this release is a recommended update for all Firefox users and will be offered automatically when you use Firefox 3.5. Of course a manual download is also possible if you don't have Firefox installed.