VERY PRELIMINARY INFO FOR VERSIONS 34 TO 38:
hotfix restore safebrowsing
43.0.4 undo blocking of sha-1 certificates, because many security devices and web interfaces of home routers stopped working
alternative: set security.pki.sha1_enforcement_level to 0
hotfix re-enable high-res youtube videos
43.0.3 undo blocking of NVidia DLLs, because it made the problem worse instead of fixing it
43.0.2 add sha-256 signing certificate, to meet new signing requirement
security fix
43.0.1 prepare to use SHA-256 signing certificate for Windows builds, to meet new signing requirement
43.0.0 many security fixes
turns off safebrowsing (accidentally)
will reject sha1-certificates starting January 1st 2016
42 ??
41 ??
40.0
Compatibility: faster Plugin-Initialization
apparently none of the beta-testers plays Farmville.
39.0.3 ??
39.0 ??
38.2.0 ??
38.1.1 ??
38.1.0 ??
38.0.5
Privacy: Keep track of articles and videos with ???Pocket???
Privacy: Share the active tab or window in a Hello conversation
Noteworthy improvement: Clean formatting for articles and blog posts with Reader View
38.0.1
a few fixes
see also https://mike.kaply.com/2015/05/05/firefox-esr-38-overview/
38.0
UI: preferences moved from separate window to a tab
unclear: Ruby annotation support
https://hacks.mozilla.org/2015/03/ruby-support-in-firefox-developer-edition-38/
unclear: Improved page load times via speculative connection warmup
unclear: BroadcastChannel API implemented
https://hacks.mozilla.org/2015/02/broadcastchannel-api-in-firefox-38/
unclear: Implemented Encrypted Media Extensions (EME) API to support
encrypted HTML5 video/audio playback (Windows Vista or later only)
https://support.mozilla.org/kb/enable-drm
wtf: Automatically download Adobe Primetime Content Decryption Module (CDM)
for DRM playback through EME (Windows Vista or later only)
https://support.mozilla.org/kb/enable-drm
unclear: WebRTC now has multistream and renegotiation support
present for hackers: Implemented DOM3 Events KeyboardEvent.code
37.0.2
several fixes
37.0.1
disabled Disabled HTTP/2 AltSvc
37.0
phone home & UI: pop-up request for rating ("Heartbeat", feedback system)
https://wiki.mozilla.org/Advocacy/heartbeat
disable: pref ("browser.selfsupport.url", "")
phone home: OneCRL centralized certificate revocation
Compatibility: Opportunistically encrypt HTTP traffic where the server supports HTTP/2 AltSvc
https://bitsup.blogspot.com/2015/03/opportunistic-encryption-for-firefox.html
UI: Yandex set as default search provider for the Turkish locale
36.0.4
one security fix
36.0.3
one security fix
36.0.1
several fixes
36.0
Compatibility: No longer accept insecure RC4 ciphers whenever possible
Compatibility: Phasing out Certificates with 1024-bit RSA Keys
Compatibility: some addons might fail
https://blog.mozilla.org/addons/2015/01/13/compatibility-for-firefox-36/
UI: For users who removed the Share & Hello buttons, this new version brings them back unexpectedly
(https://bugzilla.mozilla.org/show_bug.cgi?id=1136300)
35.0.1
lots of bug fixes
35.0
Feature: Firefox Hello with new ???rooms-based conversations model???
Feature: Access the Firefox Marketplace from the Tools menu and optional toolbar button
UI: "New search UI improved and enabled for more locales", whatever that means
UI & Compatibility: Plugin-Finder-Service removed
Firefox will not offer to install missing plugins, for example the Flash player, if a web page needs it.
MISSING IN THE RELEASE NOTES!
34.0.5
UI: Default search engine changed to Yahoo! for North America
34.0
Feature: Firefox ???Hello??? real-time communication client
disable: loop.enabled = false
UI: Default search engine changed to Yandex for Belarusian, Kazakh, and Russian locales
UI: "Improved search bar (en-US only)", whatever that means
Compatibility: Disabled SSLv3
Version 33
phone home: if you enter a one-word URL, Firefox will do a web search, instead of going to that server. You can whitelist URLs by creating a boolean pref with name "browser.fixup.domainwhitelist.",
followed by the word to be whitelisted.
More info: "snappier searches".
phone home: search suggestions on the Firefox Start (about:home) and new tab (about:newtab) pages.
feature: video-format H.264 using a binary plugin from Cisco (running in a sandbox). to disable it: set media.gmp-gmpopenh264.enabled to false,
to remove it: set media.gmp-gmpopenh264.provider.enabled to false.
lots of bloat, for example cubic-bezier curves editor (only for developers).
Version 32
phone home: malware download detection (see v31) now sends file-info to Google.
new cache
leaves old cache data on disk, and makes its own read-ahead.
password manager stores historical use information (why?).
security enhancement:
public key pinning
(static list of CAs responsible for some selected sites).
compatibility: the installer deletes the directory 'distribution'.
compatibility: preferences capability.policy.* removed (except checkloaduri for file:// URIs).
security: detect malware downloads
with local white & blacklist.
Can be disabled by settting browser.safebrowsing.appRepURL to empty string,
or by disabling the whole safebrowsing feature.
Plugins
needwhitelisting,
otherwise they are blocked (click-to-play).
Flash is not on the whitelist.
This does not affect plugins that are part of an extension.
UI: sidebars button "enables faster access to social, bookmark, & history sidebars".
compatibility: outdated and insecure NTLM-authentication deactivated.
compatibility: breaks Citrix Receiver.
Version 29
new sync for bookmarks, history, passwords, open tabs.
Incompatible with old sync, no migration available so far, requires new Firefox account, different setup method. If you had disabled sync by hiding its setup,
this change probably makes it reachable again.
The Firefox menu on the left was replaced with a rectangle full of tiles on the right.
The big orange menu button in the upper left corner was replaced with a
small line-triplett
on the right side of the address bar. The original main menu from the time before the orange button
can still be re-enabled (F10, View, Toolbars, Menu Bar), and the triple-line thingy
can be removed with "#PanelUI-button {display:none !important}" in userChrome.css.
The what's new
page for this version (shown on the first run) contains a slideshow (only if viewed with Firefox 29),
which explains the new UI, highlights the new "menu"-"button", and shows the tiles. Even if you usually have the "what's new" page disabled, for this version it probably
is important to let it show up. The relevant pref is "browser.startup.homepage_override.mstone".
The add-on bar was removed, its contents were moved to the navigation bar. Some addons do not like this, need an update.
This sounds like trying to salvage the UI of the abandoned Metro-app, by implanting it into the desktop version.
The addon ClassicThemeRestorer
can undo many Australis-changes.
Pale Moon is a free clone of Firefox that will keep the
standard user interface.
supports videocodec VP9 and audiocodec Opus for WebM videos.
removed support for spdy/2.
Version 27
better encryption: enabled TLS 1.1
and TLS 1.2 by default. If some web pages stop working, change "security.tls.version.max" temporarily back from 3 to 1.
optional faster transfer protocol: added support for
SPDY 3.1.
Version 26
Java: ClickToPlay (to be extended to all plugins, except latest flash) workaround: java whitelist deployment.
Update-Service fixed: Silent automatic updates now work, even if users have no write permission. If you do not want auto-updates: double-check that "app.update.enabled" is locked to false.
Version 25
Feature 'welcome back' offers to erase the profile if it is older than 60 days. The most important part of every automatic function is the switch to turn it off:
lockPref("browser.disableResetPrompt", true);
UI: several options removed (javascript, load images, always show tab bar)
UI: logo updated
Version 22
Feature: WebRTC enables voice chat and telephone calls inside the browser.
Privacy: and it allows to find your real IP address, even if you go through a VPN. disable: media.peerconnection.enabled = false
Feature: connect speculatively to the server, before you actually click on a link
(more info)
Privacy: and it allows to spy on you, for example spammers can verify your email address
(explanation)
disable: network.http.speculative-parallel-limit = 0
(source)
Version 21
Config Compatibility: again
majorchanges
in directory structure. The file 'override.ini' and the directories 'defaults/preferences', 'defaults/profile',
'extensions', 'plugins', and 'searchplugins' have been moved to a newly created subdirectory 'browser'.
The function of the directory 'plugin'
can be restored
by setting the pref 'plugins.load_appdir_plugins' to true.
It is still possible to set the AutoConfig-prefs 'general.config.filename' and '.obscure_value' in 'defaults/pref'.
UI: Download does not open new window, flashes green arrow
Feature: can access camera and microphone
Feature: Private Browsing now per-window
Version 19
Feature: PDF-viewer built in You can disable this by setting the pref pdfjs.disabled to true
ESR 17
Version 14
Config Compatibility: directory structure changed, ignores your preference settings. Some config files from defaults/pref must be moved to defaults/preferences
to be effective. That new directory does not exist, you must create it.
It is still possible to set the Autoconfig-prefs 'general.config.filename' and '.obscure_value'
in a file in defaults/pref. By the way its filename should start with letter a, for example 'autoconfig.js'.
Feature: reset profile. Can be triggered from about:support, and from the
safe mode dialog (automatically triggered after consecutive startup crashes). Do not deploy Firefox profiles by putting them into
default user profile, and do not use add-user scripts to modify them.
Mozilla recommends to use the directory 'browser/defaults',
or the autoconfig feature. Settings made there will survive the reset.