Firefox 67.0.4 und Firefox ESR 60.7.2

Mozilla[German]A few days ago the Mozilla developers first released the update to version 67.0.3 for the browser (see Firefox 67.0.3 and Firefox ESR 60.7.1), now the security update to version 67.0.4 (or ESR 60.7.2) has been released.


Advertising

Thanks to the German and English blog readers who notified me via comments. Mozilla has posted details of the June 20, 2019 changes in the browser in the release notes. The update was required because a vulerability in the browser was closed.

CVE-2019-11708: sandbox escape using Prompt:Open

The vulnerability allows an outbreak in Firefox 67.0.3 and Firefox ESR 60.7.1 or earlier from the sandbox. This is due to insufficient checking of parameters passed between child and parent processes using the Prompt:Open IPC message. This can cause the parent process not running in the sandbox to open web content selected by a compromised child process. Combined with additional vulnerabilities, this can cause arbitrary code to run on the user's computer.


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in browser, Security, Software, Update and tagged , , . Bookmark the permalink.

1 Response to Firefox 67.0.4 und Firefox ESR 60.7.2

  1. krzemien says:

    You gotta continually think who is testing it all – one release after another within 24 hours or so…!

Leave a Reply

Your email address will not be published.