2025.02.28.1 ⚠️ **ALL DESKTOP USERS ARE RECOMMENDED TO UPDATE TO THIS RELEASE ASAP**. This release mitigates [CVE-2025-27091](https://www.cve.org/CVERecord?id=CVE-2025-27091) *(high severity)* from Firefox upstream, [which Mozilla has not yet fixed]( https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2025-27091)... ____ * Disabled OpenH264 to mitigate [CVE-2025-27091](https://www.cve.org/CVERecord?id=CVE-2025-27091), and due to [other security concerns](https://codeberg.org/celenity/Phoenix/commit/12f161dce776b313e611851492e3f79f6f143f69)... - `media.ffmpeg.allow-openh264`, `media.gmp-gmpopenh264.enabled`, `media.gmp-gmpopenh264.provider.enabled`, & `media.gmp-gmpopenh264.visible` -> `false` * Temporarily disabled [Download Spam Prevention](https://bugzilla.mozilla.org/show_bug.cgi?id=1731668) by default, as it's unfortunately still too buggy/experimental... - `browser.download.enable_spam_prevention` -> `false` * **DESKTOP**: Fixed a bug that prevented uBlock Origin's `assets.json` from updating after first set-up - **Note that you MUST reset uBlock Origin by navigating to Settings -> Reset to default settings... to receive the updated configuration**. You can back up your current settings using the **`Back up to file...`** option, and restore your settings after the reset is complete with the **`Restore from file...`** option. Apologies for any convenience, the fix here should help ensure this isn't a problem in the future... * **DESKTOP**: Disabled the ability for uBlock Origin's built-in filterlists to [use filters requiring trust](https://github.com/gorhill/uBlock/wiki/Dashboard:-My-filters#allow-custom-filters-requiring-trust), due to security concerns. * **DESKTOP**: Added new filterlists to uBlock Origin that allow the user to block **SVG**, **WebGL**, **WebGPU**, and **WebRTC** per-site. Users are **highly** recommended to use these filters *(with the exception of **WebGPU** - very few websites use it so we fully disable it via `dom.webgpu.enabled`, though this filter may prove useful for the future if WebGPU does become adopted...)*, and see if it suits them - due to the significant privacy & security advantages. **`Block SVG`** is located under **`Malware protection, security`**, while **`Block WebGL`** and **`Block WebRTC`** are located under **`Multipurpose`**. This is **especially** important for Phoenix **Extended** users, as it's likely we'll stop completely disabling WebGL *(`webgl.disabled`)* in the future, due to this list. - **Please report any breakage caused by these lists [here](https://codeberg.org/celenity/BadBlock/issues).** * Hardened extension CSP policies to disable WebAssembly *(without breaking Firefox Translations... ;))* & upgrade insecure network requests - https://codeberg.org/celenity/Phoenix/commit/58eca0f015c2beacc216182085ddcc37e0348064 * Enabled [Add-on Distribution Control](https://groups.google.com/g/firefox-dev/c/U7GpHE4R-ZY) *(Install Origins)* by default - `extensions.install_origins.enabled` -> `true` * Enabled the [Sanitizer API](https://github.com/WICG/sanitizer-api) by default - `dom.security.sanitizer.enabled` -> `true` * Set Firefox to sync with [Remote Settings](https://remote-settings.readthedocs.io/) hourly, rather than once a day by default, as Remote Settings is used for various security-critical functionality *(Ex. CRLite/revocation checks, malicious add-on blocklists, etc)*, so we want to make sure users are up to date ASAP - `services.settings.poll_interval` -> `3600` * **DESKTOP**: The Firefox logo is now hidden on `about:home` by default - `browser.newtabpage.activity-stream.logowordmark.alwaysVisible` -> `false` * **SPECIALIZED CONFIGS**: Stopped automatically loading websites on browser launch - as uBlock Origin is unfortunately unable to filter on the profile's first launch * **SPECIALIZED CONFIGS**: The search bar is now hidden from `about:home` by default - `browser.newtabpage.activity-stream.showSearch` -> `false` * Other minor tweaks, fixes, & enhancements ___ Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2024.02.21.1...2025.02.28.1) for more details. GitLab: See [here](https://gitlab.com/celenity/Phoenix/-/compare/2024.02.21.1...2025.02.28.1) for more details. GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2024.02.21.1...2025.02.28.1) for more details. ___ :)