Mozilla Firefox Version 77.0 Released With Security Updates

Mozilla sent Firefox Version 77.0 to the release channel today.  The update included seven (7) security updates of which five (5) are high, one (1) moderate and one (1) is low in severity.

Also released was Firefox ESR Version 68.9.

High

• #CVE-2020-12399: Timing attack on DSA signatures in NSS library
• #CVE-2020-12405: Use-after-free in SharedWorkerService
• #CVE-2020-12406: JavaScript type confusion with NativeTypes
• #CVE-2020-12409: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9
• #CVE-2020-12411: Memory safety bugs fixed in Firefox 77

Moderate

• #CVE-2020-12407: WebRender leaking GPU memory when using border-image CSS directive

Low

• #CVE-2020-12408: URL spoofing when using IP addresses

New

• Pocket recommendations, featuring some of the best stories on the web, will appear on the Firefox new tab for our users in the UK. If you don’t see them, you can turn on Pocket articles in your new tab, follow these steps.
• WebRender continues its roll out to more Firefox for Windows users, now available by default on Windows 10 laptops running on Nvidia GPUs with medium (<= 3440x1440) and large screens (> 3440x1440).
• You can view and manage web certificates more easily on the new about:certificate page.

References

• Common questions after updating Firefox
• Security Updates
• Release Notes
• Rapid Release Calendar

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...