This week Firefox 62 has been released. Users who are still using Firefox 61 should update. Firefox 61 has a number of vulnerabilities that are fixed in version 62.
Advertising
On this Security Advisory page the vulnerabilities of Firefox 61 fixed in Firefox 62 are listed.
- CVE-2018-12377: Use-after-free in refresh driver timers
- CVE-2018-12378: Use-after-free in IndexedDB
- CVE-2018-12379: Out-of-bounds write with malicious MAR file
- CVE-2017-16541: Proxy bypass using automount and autofs
- CVE-2018-12381: Dragging and dropping Outlook email message results in page navigation
- CVE-2018-12382: Addressbar spoofing with javascript URI on Firefox for Android
- CVE-2018-12383: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords
- CVE-2018-12375: Memory safety bugs fixed in Firefox 62
- CVE-2018-12376: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
A discussion of the vulnerabilities can also be found in WordFence blog.
Advertising