Dec. 23, 2019 Andrey Cherepanov 68.3.1-alt1
- New version (68.3.1).
- Fixed:
+ CVE-2019-17008 Use-after-free in worker destruction
+ CVE-2019-13722 Stack corruption due to incorrect number of arguments in WebRTC code
+ CVE-2019-11745 Out of bounds write in NSS when encrypting with a block cipher
+ CVE-2019-17009 Updater temporary files accessible to unprivileged processes
+ CVE-2019-17010 Use-after-free when performing device orientation checks
+ CVE-2019-17005 Buffer overflow in plain text serializer
+ CVE-2019-17011 Use-after-free when retrieving a document in antitracking
+ CVE-2019-17012 Memory safety bugs fixed in Firefox 71, Firefox ESR 68.3, and Thunderbird 68.3
- Enigmail 2.1.4.