The DNS leak problem in a simplified scenario: the domain name in the URL address has to be converted to an IP address before the http request can be made. The DNS conversion request and the http request are two separate process performed by different servers. If you have something to hide by using an http proxy, only the http request goes through the proxy. The DNS request may or may not go through the proxy. The implication is that, for example, someone monitoring your activities at your ISP knows approximately when and which websites you are visiting, even though your http requests are encrypted and your IP hidden by the proxy.
DNS leak should be a thing of the past ever since the preference network.proxy.socks_remote_dns was introduced in Firefox 3, the value of which should be set to true to avoid leaks via about:config. However there were some changes in around Firefox 3.5 that made DNS leak possible.
I suppose that the changes are: the DNS and http request are not synchronized or loosely synchronized. This should not affect anything if the proxy selection is static, like editing the Firefox proxy option by hand. DNS leak may occur in dynamic proxy switching add-ons like FoxyProxy. There were no leaks prior to around FF v3.5.
In dynamic switching add-ons, the proxy preference is switched for the http request, but revered to the previous Firefox setting after the request. I would think that the DNS request is made before the correct proxy is selected for the next http request. The previous FoxyProxy, the new Standard and Basic versions all leak DNS requests.
To avoid leaks in FoxyProxy, one must use a sock proxy, and check the global option to use the sock proxy for DNS.
However, one of the free and fast censorship circumvention system, ultrasurf, do not allow socks. In this case, simple and static switching should be used, such as Multiproxy Switch.
There is no DNS leak if you use a VPN - all network request goes through the VPN server. However, if you use a proxy on top of a VPN, any DNS leak from the proxy will be protected by the VPN, but not both.
I use Wireshark for testing. The simple capture filter should be set to "port 53" to capture DNS requests only.