May 4, 2022 Pavel Vasenkov 91.9.0-alt1
- New ESR version.
- Security fixes:
+ CVE-2022-29914 Fullscreen notification bypass using popups
+ CVE-2022-29909 Bypassing permission prompt in nested browsing contexts
+ CVE-2022-29916 Leaking browser history with CSS variables
+ CVE-2022-29911 iframe Sandbox bypass
+ CVE-2022-29912 Reader mode bypassed SameSite cookies
+ CVE-2022-29917 Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9