Firefox 84.0.2 and 78.6.1 ESR released

Mozilla[German]Mozilla developers have released version 84.0.2 and 78.6.1 ESR of the Firefox browser on January 6, 2021. These are security updates for the browser. Here is an overview of the updates.


Advertising

Firefox 84.0.2

The release notes mention only one security fix, which is described here. In older versions of the browser, there is a use-after-free write vulnerability (CVE-2020-16044) in the handling of a malicious COOKIE-ECHO SCTP chunk. A malicious peer could have modified a COOKIE-ECHO chunk in an SCTP packet in a way that could potentially lead to a use-after-free error. The developers suspect that with enough effort, this could have been exploited to execute arbitrary code.

Firefox 78.6.1 esr

An update to Firefox 78.6.1 esr with one year of long-term support was also provided with the same vulnerability fixed. Firefox 84.0.2 and 78.6.1 esr can be downloaded from this web page (choose the variant from the list boxes shown). The updates are also available for direct download. 


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in browser, Security, Software, Update and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.