Firefox 67.0.4 und Firefox ESR 60.7.2

Posted on 2019-06-21 by guenni

Mozilla[German]A few days ago the Mozilla developers first released the update to version 67.0.3 for the browser (see Firefox 67.0.3 and Firefox ESR 60.7.1), now the security update to version 67.0.4 (or ESR 60.7.2) has been released.

Advertising

Thanks to the German and English blog readers who notified me via comments. Mozilla has posted details of the June 20, 2019 changes in the browser in the release notes. The update was required because a vulerability in the browser was closed.

CVE-2019-11708: sandbox escape using Prompt:Open

The vulnerability allows an outbreak in Firefox 67.0.3 and Firefox ESR 60.7.1 or earlier from the sandbox. This is due to insufficient checking of parameters passed between child and parent processes using the Prompt:Open IPC message. This can cause the parent process not running in the sandbox to open web content selected by a compromised child process. Combined with additional vulnerabilities, this can cause arbitrary code to run on the user's computer.

Advertising
This entry was posted in browser, Security, Software, Update and tagged , , . Bookmark the permalink.

One Response to Firefox 67.0.4 und Firefox ESR 60.7.2

  1. krzemien says:
    2019-06-21 at 9:25

    You gotta continually think who is testing it all – one release after another within 24 hours or so…!

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).