Firefox 3.0.8 now available
Mozilla have released Firefox 3.0.8. The new version, which was announced on Thursday, was due next week, but Mozilla's "high priority fire drill security update" procedures have delivered the security fixes early.
The update, available for Windows, Mac OS X and Linux, fixes two security holes. One is the previously reported XSL Transformation vulnerability discovered by Guido Landi. According to the advisory, the problem had previously been reported as a stability issue by an Ubuntu community member.
The other vulnerability is an arbitrary code execution issue related to the XUL
tree method. This issue was discovered and used by Nils at the Pwn2Own 2009 competition as part of his trifecta of browser exploits. Release notes for Firefox 3.0.8 are available.