Mozilla sent Firefox Version 108.0 to the release channel today. The update includes eight security updates of which four (4) are rated high, three (3) moderate, and one (1) rated low.
Firefox ESR was updated to Version 102.6.
High
#CVE-2022-46871: libusrsctp library out of date
#CVE-2022-46872: Arbitrary file read from a compromised content process
#CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
#CVE-2022-46879: Memory safety bugs fixed in Firefox 108
Moderate
#CVE-2022-46873: Firefox did not implement the CSP directive unsafe-hashes
#CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions
#CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc files on Mac OS
Low
#CVE-2022-46877: Fullscreen notification bypass
New
Import maps, which allow web pages to control the behavior of JavaScript imports, are now enabled by default.
Processes used for background tabs now use efficiency mode on Windows 11 to limit resource use.
The shift+esc keyboard shortcut now opens the Process Manager, offering a way to quickly identify processes that are using too many resources.
Improved frame scheduling when under load; this substantially improves Firefox’s MotionMark scores.
Fixed
Changed
Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.
References
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
No comments:
Post a Comment
Neither spam nor comments containing vulgarities will be approved.