[German]Mozilla developers have released version 84.0.2 and 78.6.1 ESR of the Firefox browser on January 6, 2021. These are security updates for the browser. Here is an overview of the updates.
Advertising
Firefox 84.0.2
The release notes mention only one security fix, which is described here. In older versions of the browser, there is a use-after-free write vulnerability (CVE-2020-16044) in the handling of a malicious COOKIE-ECHO SCTP chunk. A malicious peer could have modified a COOKIE-ECHO chunk in an SCTP packet in a way that could potentially lead to a use-after-free error. The developers suspect that with enough effort, this could have been exploited to execute arbitrary code.
Firefox 78.6.1 esr
An update to Firefox 78.6.1 esr with one year of long-term support was also provided with the same vulnerability fixed. Firefox 84.0.2 and 78.6.1 esr can be downloaded from this web page (choose the variant from the list boxes shown). The updates are also available for direct download.
- Firefox 84.0.2: Download Installer
- Firefox 78.6.1 esr: Download Installer
