Version history for Waterfox (64-bit PortableApps)
<<Back to software description
Changes for v56.1.0 - v56.2.0
- Mozilla Foundation Security Advisories patched:
- 2018-11
- 2018-10
- General Desktop
- Remove Google Play Services from Android (will now be able to add to F-Droid!)
- Stylo is now built, but disabled by default.
- Rust components are now built with optimisations.
- Updated various media codecs.
- Back ported performance improvements for JavaScript (should now stop the high CPU usage!)
- Tested a new way to keep Waterfox components up to date with the release branch of Firefox (includes security and performance upgrades for the components):
- Freetype2
- Skia
- svg.context-properties.content.enabled is now true by default.
- Fingerprint option now disguises Waterfox as Firefox 60.
Changes for v56.0.1 - v56.0.2
- e10s will now be disabled when using add-ons that aren’t marked compatibly with e10s.
- Updated libcubeb library to prevent audio issues on new Windows 10 builds.
- Mozilla Foundation Security Advisory Patches:
- 2018-01
- 2017-29
- Fix default browser check (Thanks to jdunn0).
- Fix plugin issues due to checking .mozilla instead of .waterfox (Thanks to PhantomX).
- Fix of various white space issues thanks to jbeich.
Changes for v55.2.2 - v56.0.1
- Waterfox now uses its own profile directory. If you have updated from an automatic update, you will get a prompt to import your data to this new location after restarting the browser post update.
- As much of your data will try to be kept as possible.
- Location on macOS: ~/Library/Application Support/Waterfox
- Location on Linux: ~/.waterfox/
- Location on Windows: %APPDATA%\Waterfox
- If you use a different than default location for Firefox, you should be able to just update the profile.ini in the new Waterfox profile location to carry on using that location.
- What’s new in Waterfox 56.0.1?
- Disabled e10s on older OS X builds to prevent tab crashing.
- Updated Windows installer to show the MPL 2.0 and fixed executable description and icon.
- Security patches from newer 57 releases
- Bug 1402372
- Bug 1410106
- Added back
support for Java plugin users. - Added Privacy Policy and Legal to website to be more professional :-)
Changes for v55.1.0.1 - v55.2.1
- 55.2.1.1: Add hidden Mozilla extensions to blocklist
- 55.2.1.1: Stop calls to Mozilla Social API
- Patched crash on Windows 7 systems, from 56.0.1 release. Bug 1403353.
- Don’t build AUS Helper extension.
- Disable Battery Status API for privacy reasons.
- Update bundled search plugins to their OpenSearch equivalents where available.
- Revert to Ecosia as default, while issues are resolved with Yahoo.
- Update blocklist (extension, plugin and certificate).
- What’s new in Waterfox 55.2.0?
- Patched security issues from 52.4 ESR/56 Release. (Mozilla Security Advisories)
- Linux: Switched to an older build environment for better compatibility of libraries.
- Linux: No longer statically link libgcc.
- Linux: Backported patches for issues with FreeType.
- macOS: 10.13 has graphical issues with the GUI. Will wait for all patches to release before fixing in 56.
- Android: Download APK or from Google Play Store (slight delay).
- Yahoo is now the default search partner, but you may still use Ecosia to support Waterfox
Changes for v54.0.0.1 - v54.0.1
- Updated to Firefox 54.0.1
- Implemented Bug 1294490 to enable support of WebP images
- Block data being sent to Google Analytics on the internal about:addons page
Changes for v54.0 - v54.0.0.1
- Disable building of pingsender executable
- Give users choice to use Google’s Widevine CDM for HTML5 EME/DRM. Note: No proprietary binaries are included by default, they are optionally downloaded in Preferences > Content
Changes for v53.0.1 - v53.0.3
- Updated to Firefox 53.0.3
Changes for v53.0 - v53.0.1
- Remove limitations for Windows XP/Vista users. Built targetting SUBSYSTEM:5.02 (Windows XP quits immediately on start, probably due to unsupported features on XP. Vista runs fine with various features disabled)
- Use built in OS location services. This will require permissions from your OS, which should ask when Waterfox tries to utilise the API (tested on Windows 7+ and macOS, will get MLS API key as well for unsupported systems)
- Fixed add-on corruption issue on add-ons with no manifest ID
Changes for v51.0.1 - v52.0
- Temporarily reverted to MSVC on Windows
- Updated to Firefox 52.0
- Removed 64-Bit NPAPI Flash only limiation
- Pulled changes that fixed various issues with telemetry, startup performance and more. Big thanks to PandaCodex for their contributions!
- There is a small bug on about:home with the logo being misplaced which will be resolved in the next update.
Changes for v50.1.0 - v51.0
- Updated to Firefox 51 codebase
- Quality of Life feature: Select your language from Options (Preferences) > General > Locale! Language are now automatically bundled with Waterfox
- Quality of Life feature: Duplicate Tabs! Right Click and Select Duplicate Tab to access this feature
- Switched to O3 flag when compiling on macOS
- Disabled offline archiving of telemetry data
Changes for v50.0.2 - v50.1.0
- critical security updates!
Changes for v50.0 - v50.0.2
- Critical security updates, immediate update recommended
Changes for v49.0.2 - v50.0
- Waterfox is now built with Clang-cl thanks to the great progress made in the winclang bug
- Mac builds are now support to set OS X 10.4 as minimum supported version, but with no guarantee of running without issues
- Linux builds are now available to download and are built with Clang!
Changes for v48.0 - v48.0.1
- Temporarily reverted to Visual Studio 2015 due to some graphical issues with Clang.
- Implemented patch for Bug 1283274 - Avoid the wmode windowed -> opaque Flash workaround when we detect Flash async drawing support
- Fix wrong profile location on OS X.
Changes for v47.0.1 - v48.0
- Switched to Clang for Windows compilation. Things look much more promising than previous reports and stability seems good. Please report any issues and I’ll file bugzilla reports as this will help out Mozilla as well 🙂 This is a promising step to using a completely free/open-source build environment!
- Reverted Registry Entries to be the same location as Mozilla’s so 3rd party programs like Roboform can work again (might need to re-install Roboform or Waterfox again for example)
- Another attempt to fix unsigned extensions from not running. So hopefully they will now!
Changes for v47.0 - v47.0.1
- Updated codebase to 47.0.1
Changes for v46.0 - v47.0
- Fixed Netflix playing issues once more. It appears that Netflix compares user agent strings against the ability of that browser version to play EME. I’ve now set the user agent to pretend that Waterfox is Firefox 38, which seems to have fixed the issue once more.
Changes for v44.0.3 - v46.0
- Temporarily switched to Visual C++ compiler while Intel fix compiler bugs. Clang test have happened and will try out GCC as well.
- Re-enabled jemalloc
Changes for v44.0.2 - v44.0.3
- Disabled Tracking Protection for non-private browsing instances as it was breaking various pages relying on tracking cookies
- Disabled 64-Bit Plugin whitelist to allow all 64-Bit plugins to run
Changes for v43.0.1 - v43.0.4
- Fixed crashing that occured when a user didn’t have an exisiting Waterfox or Firefox profile.
- Update base code for Windows & Mac releases to Firefox 43.0.4
- Language packs are now available for download
Changes for v40.0.3 - v40.1.0
- MFSA 2015-96 Miscellaneous memory safety hazards
- MFSA 2015-97 Memory leak in mozTCPSocket to servers
- MFSA 2015-98 Out of bounds read in QCMS library with ICC V4 profile attributes
- MFSA 2015-101 Buffer overflow in libvpx while parsing vp9 format video
- MFSA 2015-102 Crash when using debugger with SavedStacks in JavaScript
- MFSA 2015-103 URL spoofing in reader mode
- MFSA 2015-104 Use-after-free with shared workers and IndexedDB
- MFSA 2015-105 Buffer overflow while decoding WebM video
- MFSA 2015-108 Scripted proxies can access inner window
- MFSA 2015-109 JavaScript immutable property enforcement can be bypassed
- MFSA 2015-110 Dragging and dropping images exposes final URL after redirects
- MFSA 2015-111 Errors in the handling of CORS preflight request headers
- MFSA 2015-112 Vulnerabilities found through code inspection
- MFSA 2015-113 Memory safety errors in libGLES in the ANGLE graphics library
- MFSA 2015-114 Information disclosure via the High Resolution Time API
- MFSA 2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
- MFSA 2015-117 Information disclosure through NTLM authentication
- MFSA 2015-118 CSP bypass due to permissive Reader mode whitelist
- MFSA 2015-121 Disabling scripts in Add-on SDK panels has no effect
- MFSA 2015-123 Buffer overflow during image interactions in canvas
- MFSA 2015-126 Crash when accessing HTML tables with accessibility tools on OS X
- MFSA 2015-127 CORS preflight is bypassed when non-standard Content-Type headers are received
- MFSA 2015-128 Memory corruption in libjar through zip files
- MFSA 2015-129 Certain escaped characters in host of Location-header are being treated as non-escaped
- MFSA 2015-130 JavaScript garbage collection crash with Java applet
- MFSA 2015-131 Vulnerabilities found through code inspection
- MFSA 2015-132 Mixed content WebSocket policy bypass through workers
- MFSA 2015-133 NSS and NSPR memory corruption issues
- Updates
- libjpeg-turbo to 1.4.2 from 1.4.0
- libpng to 1.6.18 from 1.6.16
- NSPR to 4.10.10 and NSS to 3.19.2.1
- Support for WebP (library version 0.4.4) images thanks to this patch. (Animated WebP not supported). Test WebP images out here.
- Changed
- Encrypted Media Extensions have been removed until properly supported on x64
- general.useragent.override. has been brought back!
- Fixed
- Netflix should now work properly
- Issues
- Some YouTube videos will take a very long time to start playing due to a CORS bug. This is fixed in Firefox codebase 42+
Changes for v39.0 - v40.0.2
- What’s new in Waterfox 40.0.2?
- Implemented the patch for Bug 1171966 that fixes slow animations in Firefox since 38
- New logo!
- Fixed an issue that hid the Refresh Waterfox button in about:support
- JavaScript stability should be much better than previous versions as I’ve managed to build properly with the new unified build system.
- Issues
- Some YouTube videos buffer indefinitely
- What’s new in Firefox 40.0.2?
- Features
- Support for Windows 10
- Enabled API allowing Windows 10 users to open settings dialog
- Added protection against unwanted software downloads
- User can receive suggested tiles in the new tab page based on categories Firefox matches to browsing history (en-US only).
- Hello allows adding a link to conversations to provide context on what the conversation will be about
- New style for add-on manager based on the in-content preferences style
- Improved scrolling, graphics, and video playback performance with off main thread compositing (GNU/Linux only)
- Graphic blocklist mechanism improved: Firefox version ranges can be specified, limiting the number of devices blocked
- Changes
- Add-on extensions that are not signed by Mozilla will display a warning
- NPAPI Plug-in performance improved via asynchronous initialization
- Smoother animation and scrolling with hardware vsync (Windows only)
- JPEG images use less memory when scaled and can be painted faster
- Sub-resources can no longer request HTTP authentication, thus protecting users from inadvertently disclosing login data
- HTML5
- IndexedDB transactions are now non-durable by default
- Implemented AudioBufferSourceNode.detune to modulate playback rate in cents, a logarithmic unit of measure used for musical intervals
- Developer
- Improved Performance tools in the developer tools: Waterfall view, Call Tree view and a Flame Chart view
- New rules view tooltip in the Inspector to tweak CSS Filter values
- Console API messages from SharedWorker and ServiceWorker are now displayed in web console
- New page ruler highlighting tool that displays lightweight horizontal and vertical rules on a page
- Inspector now searches across all content frames in a page
- Fixed
- Kannada text does not display properly in built-in pdf viewer
- mozalloc.lib was missing from the xulrunner package
- Fix a startup crash with some combination of hardware and drivers
- Various security fixes
Changes for v38.0 - v38.1.0
- fixed issues causing certain websites not to work correctly and fixed some JavaScript regressions
Changes for v36.0.4 - v37.0.1
- Build system updated to Visual C++ 2013 Update 4 and Intel C++ 14 Update 5
- Updated International Components for Unicode from 55 Milestone 1 to 55 Release
- Fixed broken vectorized code
- What’s new in 37.0 & 37.0.1 (Firefox)
- Improved protection against site impersonation via OneCRL centralized certificate revocation
- Opportunistically encrypt HTTP traffic where the server supports HTTP/2 AltSvc
- Disabled insecure TLS version fallback for site security
- Improved performance of WebGL rendering on Windows
- Improved certificate and TLS communication security by removing support for DSA
- Extended SSL error reporting for reporting non-certificate errors
- TLS False Start optimization now requires a cipher suite using AEAD construction
- Implemented a subset of the Media Source Extensions (MSE) API to allow native HTML5 playback on YouTube (Windows Vista or later only)
- Added support for CSS display:contents
- IndexedDB now accessible from worker threads
- New SDP/JSEP implementation in WebRTC
- Debug tabs opened in Chrome Desktop, Chrome for Android, and Safari for iOS
- New Inspector animations panel to control element animations
- New Security Panel included in Network Panel
- Debugger panel support for chrome:// and about:// URIs
- Added logging of weak ciphers to the web console
- Disabled HTTP/2 AltSvc
- Fixed Start-up crash due to graphics hardware and third party software
Changes for v36.0.1 - v36.0.4
- Fixed installer issues that didn’t let Vista users install Waterfox
- Fixes in 36.0.4 (Firefox)
- Security fixes for issues disclosed at HP Zero Day Initiative’s Pwn2Own contest
Changes for v36.0 - v36.0.1
- Fixes in 36.0.1 (Waterfox)
- Added experimental support for Vista 64-Bit
- Added support for Geolocation API
- Fixed a crash in the Mozilla code base that would cause TheGuardian.com to crash
- Fixes in 36.0.1 (Firefox)
- Disable the usage of the ANY DNS query type
- Fixed a startup crash with EMET
- Hello may become inactive until restart
- Print preferences may not be preserved
- Hello contact tabs may not be visible
- Accept hostnames that include an underscore character ("_")
- WebGL may use significant memory with Canvas2d
- Option -remote has been restored
- Fix a top crash
Changes for v35.0.1 - v36.0
- Support for HTML5 Gamepad standard
- Much improved memory allocation and leak plugs
- Now using Windows 8.1 SDK, added support for DirectX11 rendering if supporting hardware is present
- Updated International Components for Unicode from 54.1 to 55 Milestone 1
- What's new in 36.0 (Firefox)
- Support for the full HTTP/2 protocol. HTTP/2 enables a faster, more scalable, and more responsive web.
- -remote option removed
- No longer accept insecure RC4 ciphers whenever possible
- Phasing out Certificates with 1024-bit RSA Keys
- Shut down hangs will now show the crash reporter before exiting the program
- Support for the ECMAScript 6 Symbol data type added
- unicode-range CSS descriptor implemented
- object-fit and object-position implemented. Defines how and where the content of a replaced element is displayed
- isolation CSS property implemented. Create a new stacking context to isolate groups of boxes to control which blend together
- CSS3 will-change property implemented. Hints the browser of elements that will be modified. The browser will perform some performance optimization for these
- Changed JavaScript 'const' semantics to conform better to the ES6 specification. The const declaration is now block-scoped and requires an initializer. It also can not be redeclared anymore
- Improved ES6 generators for better performance
- Eval sources now appear in the Debugger Debug JavaScript code that is evaluated dynamically, either as a string passed to eval() or as a string passed to the Function constructor
- DOM Promises inspection
- Inspector: More paste options in markup view
- CSS gradients work on premultiplied colors
- Fix some unexpected logout from Facebook or Google after restart
- Various security fixes