Mozilla sent Firefox Version 104.0 to the release channel today. The update includes six security updates of which four (4) are rated high and two (2) are rated low.
Firefox ESR was updated to Version 91.13.
High
- #CVE-2022-38472: Address bar spoofing via XSLT error handling
- #CVE-2022-38473: Cross-origin XSLT Documents would have inherited the parent's permissions
- #CVE-2022-38477: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2
- #CVE-2022-38478: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13
Low
New
Fixed
Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.
References
No comments:
Post a Comment