#CVE-2018-5108: Manually entered blob URL can be accessed by subsequent private browsing tabs.#CVE-2018-5107: Printing process will follow symlinks for local file access.#CVE-2018-5106: Developer Tools can expose style editor information cross-origin through service worker.#CVE-2018-5105: WebExtensions can save and execute files on local file system without user prompts.#CVE-2018-5104: Use-after-free during font face manipulation.#CVE-2018-5103: Use-after-free during mouse event handling.#CVE-2018-5102: Use-after-free in HTML media elements.#CVE-2018-5101: Use-after-free with floating first-letter style elements.#CVE-2018-5100: Use-after-free when IsPotentiallyScrollable arguments are freed from memory.#CVE-2018-5099: Use-after-free with widget listener.#CVE-2018-5098: Use-after-free while manipulating form input elements.#CVE-2018-5097: Use-after-free when source document is manipulated during XSLT.#CVE-2018-5095: Integer overflow in Skia library during edge builder allocation.#CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory.#CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing.#CVE-2018-5092: Use-after-free in Web Workers.#CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6.#CVE-2018-5090: Memory safety bugs fixed in Firefox 58.#CVE-2018-5091: Use-after-free with DTMF timers.The update comprises three (3) critical, thirteen (13) high, thirteen (13) moderate and three (3) low security updates.ĮSR was updated to version 52.6.0 and included the critical update for CVE-2018-5089. Mozilla sent Firefox Version 58.0 to the release channel today. Common questions after updating Firefox.If you do not use the English language version, Fully Localized Versions are available for download. To get the update now, select "Help" from the Firefox menu, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu. Users running certain screen readers may experience performance issues and are advised to use Firefox ESR until performance issues are resolved in an upcoming future release.Users running Firefox for Windows over a Remote Desktop Connection (RDP) may find that audio playback is disabled due to increased security restrictions.Arbitrary code execution through unsanitized browser UI.With Windows Defender Exploit Protection or Webroot security products). The critical security update was issued to fix Bug 1433065 which resulted in Firefox 58 not loading any pages (including about: pages) when using certain non-default security policies on Windows (for example Mozilla sent Firefox Version 58.0.1 to the release channel today.
0 kommentar(er)
