Firefox 119 ships with security fixes and privacy enhancements
Mozilla Firefox 119 will be released later today. The new Stable version of Firefox is accompanied by Firefox 119 for Android and Firefox 115.4 ESR.
Core new features of Firefox 119 include Encrypted Client Hello support for all users, extensions imports from Chrome, improved tracking protection and new PDF editing capabilities.
All developer versions of Firefox are updated around the same time. This means that Firefox Beta and Dev move to version 120 and Firefox Nightly to version 121.
Executive Summary
- Encrypted Client Hello is now supported.
- Mozilla patched security issues in Firefox 119.
- Firefox 119 includes privacy improvements.
Firefox 119.0 download and update
Firefox 119's and Firefox 115.4 ESR release date is October 24, 2023. Depending on when you read this, it may not be released yet.
Later today, the new Firefox releases will become available via the automatic updating functionality of the browser. Downloads are also offered on Mozilla's official website then.
To display the current version, select Menu > Help > About Firefox. Doing so displays the installed version and runs a check for updates.
Here are the official download locations:
- Firefox Stable download
- Firefox Beta download
- Nightly download
- Firefox ESR download
- Firefox for Android on Google Play
Firefox 119.0
Encrypted Client Hello Support
Firefox 119 supports Encrypted Client Hello officially now. You can check out the full article on the introduction.
Encrypted Client Hello improves the privacy of connections by encrypting information about the domain name during connection attempts. Previously, anyone listening in on network traffic, including ISPs, could monitor the information.
Some ISPs sell information about user activity on the Internet, others may use DNS-based blocking to prevent access to certain sites. With Encrypted Client Hello, DNS-based blocking is no longer effective.
Note that servers need to support this well to work.
Privacy Improvements
Mozilla implemented several privacy enhancements in Firefox 119. The two core additions are the partitioning of Blob URLs and limited visibility of fonts that websites have access to.
The first mitigates a potential tracking vector that third-parties may utilize for tracking purposes. This was the only state partitioning test at Privacy Tests that Firefox failed at.
The limitation of fonts improves Firefox's defenses against font fingerprinting by restricting sites to system fonts and language pack fonts.
Firefox View displays more content
A click on the Firefox View icon in the leftmost section of the tab bar displays the interface.
Firefox users see all content there now from all open browser windows. Synced tabs will also show up and the browsing history can now be sorted by date or site.
Other changes and fixes
- Storage Access API updated "to improve security while mitigating website breakages".
- Firefox's PDF Viewer is getting options to add images and alt text. This is rolling out gradually to the entire population.
- Firefox may now import some extensions from Google Chrome when migrating data.
- Recently closed tabs persist between sessions, if automatic session restore is not enabled.
- Media sniffing is no longer applied to files served as type application/octet-stream.
- Windows users may notice that the mouse pointer is no longer displayed. This happens if a specific mouse properties setting (Hide pointer while typing) is enabled on the system.
- Firefox is now available in Santali.
- Mozilla fixed a scroll position jumping issue on Facebook.
Developer changes
- The <input> element no longer supports the non-standard mozactionhint attribute.
- The attr() CSS function fallback value is now supported.
- The Object.groupBy() and Map.groupBy() static methods are now supported.
- The SVG attributes that accept a <length> value now support level 3 length CSS data types for all SVG elements.
- The credentialless directive of the Cross-Origin-Embedder-Policy HTTP response header is now supported on desktop platforms.
- The Credential Properties Extension (credProps) of the Web Authentication API is supported.
- The getAuthenticatorData(), getPublicKeyAlgorithm(), and getPublicKey() methods of the AuthenticatorAttestationResponse interface are now supported.
Enterprise changes
Security updates / fixes
Mozilla patched a total of 11 different security issues in Firefox 119. The aggregate severity rating is high, but none of the issues appears to be exploited in the wild.
Outlook
Firefox 120 and Firefox ESR 115.5 will be released on November 21, 2023.
Firefox extension reviews and news
Recent Firefox news and tips
- Firefox will soon tell you if product reviews are reliable
- Firefox is getting a button to Reset Private Browsing Sessions
Additional information / resources
- Firefox 119 release notes
- Firefox 119 for Developers
- Firefox 119 for Enterprise
- Firefox Security Advisories
- Firefox Release Schedule
After update video wont play then Firefox crashes.
Same here. Almost a dozen times in just one single day. Absolutely annoying.
Turning back to old version, this could be certainly a bug.
Do not know what happened but a simple reboot fixed it. Tor wouldnt play vids either so not a Firefox issue. Maybe my Debian is possesed.
Still on 1.5 cause they’ve introduced javascript 1.7 and “improved” tabbed browsing in v2. Improved my ass.
A user since v0.1.
I don’t know if it’s related, however yesterday I was unable to write my credit card in the Orange website. Chrome was fine. Edge was fine. Old version of Firefox was fine too.
A kindred spirit.
Still on 110 until there’s a way to address the dumb puzzle piece and lack of menu customization they introduced. If it’s never addressed, goodbye Firefox—and I’ve been a user since v1.0.
Search askvg DOT com for “unified-extensions-button” to find the fix.
I’d rather deal with UI changes, annoying as they may be, than run an older version of a browser engine.
Err, it can be addressed – turn it on: pick which extensions should be pinned, then once you’re happy, there’s a bit of css code you can use to nuke the puzzle-piece. Then you can see and interact with any pinned extensions, but not the ones you haven’t pinned. My firefox looks fine but there’s just a little bit of work if I ever wanna rejig my extensions which is rarely.
Let me know if you want help with this, but I barely ever check messages on here so good luck.
How can you be a long time firefox user if you don’t know the power of CSS editing (firefox’s best feature).
It turns out it does not work as it did in v110. You have two options: 1. Put all the icons you want access to on the toolbar (even if you use them only semi-regularly) or 2. Leave them all in the puzzle menu and scroll through *all* of your extensions to find them.
I have a *lot* of extensions so neither one of those options works for me.
Just to be clear, what you are explaining makes the puzzle icon look like the overflow menu? I don’t want all of those icons on my toolbar. I want a menu that shows me only the extensions I want to see.
If you can post the CSS, that would be great. Save a little time.
Thanks
Oh, I know CSS and it’s power. I’ve been skinning Thunderbird for years. I’ve just never done any of it with Firefox. I was simply waiting to see if they were going to correct that massive blunder, or whether an extension may fix it at some point before I delved into seeing whether it was even possible to fix with CSS. In the meantime, I simply disabled Firefox from even attempting to update.
Thanks for the info.