The critical issues included potential remote code execution triggered by a maliciously formed PNG image, malicious CSS coding, or malicious web pages containing a very large number of items to be handled by plugins.
The high-impact vulnerabilities both had the potential to allow data to be 'stolen' from one site by another.
The moderate issues related to data being accessible across domains, methods for spoofing the contents of the location bar, and a text handling flaw that might be used in cross-site scripting attacks.
A number of unspecified stability fixes are also included in the update.
The full installer can be downloaded here.