Firefox 79 Is Released With 10 Security Fixes
The latest version of the Mozilla Firefox web browser has very little to offer GNU/Linux users beyond ten security fixes, four of which are "high impact". Mozilla's "WebRender" rendering engine enabled for Windows users with Intel and AMD graphics cards as of this release but it is not enabled on Linux where Firefox users still get "Basic" rendering regardless of what GPU they have. You can force-enable WebRender on Linux if you really want it.
written by 윤채경 (Yoon Chae-kyung) 2020-08-03 - last edited 2020-08-03. © CC BY
Firefox 79 with a clean default profile.
The Mozilla corporation has been treating Linux users as second-class citizens for years and that is still the case as of Firefox version 79. This version enables the WebRender rendering engine, that has been around for years now, on computers with the Windows operating system and a Intel or AMD graphics card. Linux users are still stuck with the older "Basic" rendering engine regardless of what graphics card they have.
Force-Enabling WebRender Rendering[edit]
Linux users who want the shiny WebRender rendering engine can enable it. The trick is to type about:config
into the address bar. That brings up a special page where you are told to "Proceed with Caution" and you have to "Accept the Risk and Continue". Doing so gives you access to special under the hood configuration values. Type webrender
into the search field and several WebRender-related values will appear. Change gfx.webrender.all
and gfx.webrender.compositor.force-enabled
to true
to force-enable WebRender rendering. Next, re-start Firefox either by typing about:restartRequired
into the address bar and clicking "Restart Firefox" or simply close it (ctrl+q and re-launch it. Going to the special page about:support
(again, type it into the address bar) when gfx.webrender.all
and gfx.webrender.compositor.force-enabled
are set to true
should make "Compositing" under the "Graphics" heading on that special page show "WebRender" instead of "Basic".
Do not expect wonders if you do choose to force-enable the WebRender rendering engine. It scores higher in the synthetic Basemark Web 3.0 benchmark and lower in the Unity WebGL 2018 benchmark.
Firefox 79 scores lower than both earlier Firefox versions and it is much slower than Chromium 84 - regardless of which rendering engine you choose.
Security Fixes[edit]
New Firefox releases tend to have a dozen important security fixes and Firefox 79 is no exception. The Mozilla Foundation Security Advisory 2020-30 lists ten security fixes, four of which are "high" impact:
"High" impact:
- CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker
- CVE-2020-6514: WebRTC data channel leaks internal address to peer
- CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy
- CVE-2020-15659: Memory safety bugs fixed in Firefox 79
"Moderate" impact:
- CVE-2020-15653: Bypassing iframe sandbox when allowing popups
- CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
- CVE-2020-15656: Type confusion for special arguments in IonMonkey
"Low" impact:
- CVE-2020-15658: Overriding file type when saving to disk
- CVE-2020-15657: DLL hijacking due to incorrect loading path
- CVE-2020-15654: Custom cursor can overlay user interface
These security fixes, some of whom are quite serious (notably the addressed memory safety bugs), are reason enough to upgrade to Firefox 79 if you are using Firefox as your daily driver web browser. There isn't really any other reason to upgrade as Firefox 79 offers Linux users nothing new of interest. WebRender has been available in earlier Firefox versions for quite some time. The only thing new in that regard is that it is now enabled by default on machines running the Windows operating system. That does nothing for Linux users running Firefox.
Some distributions have Firefox 79 in their repositories already. The rest will likely have it shortly. Upgrading using your distributions normal procedure will be enough to get you the latest Firefox if you already have the package installed.
Enable comment auto-refresher