91.6.0-alt1 built Feb. 16, 2022 Pavel Vasenkov in task #295122
Feb. 9, 2022 Pavel Vasenkov
- New ESR version.
- Security fixes:
+ CVE-2022-22753 Privilege Escalation to SYSTEM on Windows via Maintenance Service
+ CVE-2022-22754 Extensions could have bypassed permission confirmation during update
+ CVE-2022-22756 Drag and dropping an image could have resulted in the dropped object being an executable
+ CVE-2022-22759 Sandboxed iframes could have executed script if the parent appended elements
+ CVE-2022-22760 Cross-Origin responses could be distinguished between script and non-script content-types
+ CVE-2022-22761 frame-ancestors Content Security Policy directive was not enforced for framed extension pages
+ CVE-2022-22763 Script Execution during invalid object state
+ CVE-2022-22764 Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6