Feb. 12, 2020 Andrey Cherepanov 68.5.0-alt1
- New ESR version (68.5.0).
- Fixed:
+ CVE-2020-6796 Missing bounds check on shared memory read in the parent process
+ CVE-2020-6797 Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
+ CVE-2020-6798 Incorrect parsing of template tag could result in JavaScript injection
+ CVE-2020-6799 Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader
+ CVE-2020-6800 Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5