Yesterday Mozilla released Firefox 5.0 as part of its rapid development cycle. This has implications for Firefox 4.x users.
What implications? Well, basically the upshot is that Firefox 5.0 is a security update for Firefox 4.x users (Firefox 4.0 and it's only update, Firefox 4.0.1 which was released in April). This means that is Fireflx 4.x users want access to security fixes, they need to upgrade to 5.0.
This has been confirmed by Asa Dotzler, community coordinator for Firefox marketing projects, on Mozilla's mailing list:
That being said, there already has been a 4.0.x release and there may be another if a critical security issue arises that requires a "chemspill" unplanned emergency fix. But that would be an *unplanned* emergency release and not a planned one. The planned security update for Firefox 4 is Firefox 5.
So, unless Mozilla release an unplanned emergency fix for the Firefox 4.x line (I like the name "chemspill"), users will need to go up to 5.0 for the security patches.
Worried about extension compatibility? According to Mozilla some 80% of extensions are compatible with this release, but that still leaves a good number of extensions that are currently incompatible. If you rely on certain extensions, then you could be caught between the rock of workflow disruption versus the hard place of exploitable security issues.