Firefox 85.0.1 and 78.7.1 ESR released

Mozilla[German]The Mozilla developers have released version 85.0.1 and 78.7.1 ESR of the Firefox browser on February 5, 2021. This is a security update that fixes vulnerabilities, but also aims to fix bugs.


Advertising

German blog reader Gerold pointed out this update in this comment a few hours ago – thanks for that.  Here's a quick overview of the fixes.

Firefox 85.0.1

According to the release notes of version 85.0.1, the update closes a vulnerability rated as critical (a buffer overflow in depth raster calculations for compressed textures). Interestingly, in Firefox 85.0.1 the Mozilla developers have addressed the issue I raised in the blog post Windows 10: Vulnerability allows to destroy NTFS media content. Here is the list of bug fixes:

  • Prevent access to NTFS special paths that could lead to filesystem corruption.
  • Fixed a crash when authenticating to websites using SPNEGO on macOS devices with Apple Silicon CPUs (bug 1685427).
  • Avoid printing an extra blank page at the end of some documents (bug 1689789).
  • Fixed a browser crash in case of unexpected Cache API state (bug 1684838).
  • Fixed external URL scheme handlers when using the Firefox flatpak (bug 1688966)

Firefox 78.7.1 esr

An update of Firefox 78.7.1 esr with one year of long-term support has also been provided with the same vulnerability fixed. Firefox 85.0.1 and 78.7.1 ESR can be downloaded from this web page (choose the variant from the list boxes displayed). The updates are also available for direct download.

Currently, browser-updates are recommended, see Chrome 88.0.4324.150 fixes one critical and Edge 88.0.705.62 seven vulnerabilities, 0-day in IE.


Advertising

This entry was posted in browser, Security, Update and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).