Oct. 13, 2019 Andrey Cherepanov 68.1.2-alt1
- New version (68.1.2).
- Fixed:
+ CVE-2019-11739 Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message
+ CVE-2019-11746 Use-after-free while manipulating video
+ CVE-2019-11744 XSS by breaking out of title and textarea elements using innerHTML
+ CVE-2019-11742 Same-origin policy violation with SVG filters and canvas to steal cross-origin images
+ CVE-2019-11752 Use-after-free while extracting a key value in IndexedDB
+ CVE-2019-11743 Cross-origin access to unload event attributes
+ CVE-2019-11740 Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9
+ CVE-2019-11755 Spoofing a message author via a crafted S/MIME message