This is a maintenance update, upgrade now

Apr 7, 2015 14:56 GMT  ·  By

Details about a number of Firefox vulnerabilities and a new Firefox in its Ubuntu 14.04 LTS and Ubuntu 12.04 LTS operating systems have been revealed by Canonical, and the company has pushed a version of the software into the repositories.

A new Firefox version has been released, and the Ubuntu maintainers have been quick to push the latest packages in the repositories. Firefox 37.0.1 has been out for a couple of days, but it's now available with the help of a system update.

According to the Ubuntu security report, "Muneaki Nishimura discovered a flaw in Mozilla's HTTP Alternative Services implementation which meant SSL certificate verification could be bypassed in some circumstances. A remote attacker could potentially exploit this to conduct a man in the middle attack."

You can see more specifics about this particular release in our initial report on the Firefox release. For a more detailed description of the security issue, you can check out Canonical's security notification.

Alternatively, you can download Mozilla Firefox 37.0.1 right now from Softpedia, but this is just the binary file and users won't be able to install it, just run it. It’s also possible that some of the add-ons will stop working altogether.