I found a fix for this problem.
In program/include/session.inc one can see:
$cookie = session_get_cookie_params();
setcookie(session_name(), $random, $cookie['lifetime'], $cookie['path']);
However, $cookie['lifetime'] means cookie lifetime in seconds and using it like this sets cookie expiration
to a few seconds after 1/1/1970, 00:00:00
the line should be:
setcookie(session_name(), $random, time()+$cookie['lifetime'], $cookie['path']);
it worked well under Firefox and Safari.