trium Posted July 9, 2020 Share Posted July 9, 2020 ff v78.0.2 09. july 2020 Fixed Security fix Fixed an accessibility regression in reader mode (bug 1650922) Made the address bar more resilient to data corruption in the user profile (bug 1649981) Fixed a regression opening certain external applications (bug 1650162) Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
Moderators hazelnut Posted July 16, 2020 Moderators Share Posted July 16, 2020 Mozilla VPN Is Live: Five Things You Need to Know https://news.softpedia.com/news/mozilla-vpn-is-live-five-things-you-need-to-know-530546.shtml Support contact https://support.piriform.com/hc/en-us/requests/new?ticket_form_id=86507 support@ccleaner.com Link to comment Share on other sites More sharing options...
Moderators hazelnut Posted July 16, 2020 Moderators Share Posted July 16, 2020 What has it to do with Malwarebytes ?? Here is link for Mozilla VPN https://vpn.mozilla.org/ Support contact https://support.piriform.com/hc/en-us/requests/new?ticket_form_id=86507 support@ccleaner.com Link to comment Share on other sites More sharing options...
Moderators nukecad Posted July 16, 2020 Moderators Share Posted July 16, 2020 Sorry, early morning Brain Fade. I've removed that post. *** Out of Beer Error ->->-> Recovering Memory *** Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043 Link to comment Share on other sites More sharing options...
trium Posted August 4, 2020 Share Posted August 4, 2020 ff v79.0 28. july 2020 New We’ve rolled out WebRender to more Windows users with Intel and AMD GPUs, bringing improved graphics performance to an even larger audience. Firefox users in Germany will now see more Pocket recommendations in their new tab featuring some of the best stories on the web. If you don’t see them, you can turn on Pocket articles in your new tab by following these steps. Fixed Various security fixes. Several crashes while using a screen reader were fixed, including a frequently encountered crash when using the JAWS screen reader. Firefox Developer Tools received significant fixes allowing screen reader users to benefit from some of the tools that were previously inaccessible. SVG title and desc elements (labels and descriptions) are now correctly exposed to assistive technology products such as screen readers. Enterprise A number of bug fixes and new policies have been implemented in the latest version of Firefox. You can see more details in the Firefox for Enterprise 79 Release Notes. Updates to the password policy allow admins to require a primary password (formerly called master password. Previously the policy could disable the primary password but not force a primary password. Users required to use a primary password will only be asked to create a primary password the first time they try to save a password. Developer Developer Information Newly added asynchronous call stacks let developers trace their async code through events, timeouts, and promises. The async execution chains are shown in the Debugger’s call stack, but also for stack traces in Console errors and Network initiators. Erroneous network responses with 4xx/5xx status codes display as errors in the Console, making it easy to understand them in the context of related logs. The request/response details can be expanded or resent for quick debugging. JavaScript errors are now visible not only in the Console, but also in the Debugger. The relevant line of code will be highlighted and display error details on hover. Opening SCSS and CSS-in-JS sources from the Inspector now works more reliably thanks to improved source map handling across all panels. Inspecting accessibility properties from the browser context menu is now available to all users by default. Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
trium Posted August 4, 2020 Share Posted August 4, 2020 ff v68.11.0 esr 28. july 2020 Fixed Various stability and security fixes Quote Security Vulnerabilities fixed in Firefox ESR 68.11 Announced July 28, 2020 Impact high Products Firefox ESR Fixed in Firefox ESR 68.11 #CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker Reporter Mikhail Oblozhikhin Impact high Description By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. References Bug 1634872 #CVE-2020-6514: WebRTC data channel leaks internal address to peer Reporter Natalie Silvanovich of Google Project Zero Impact high Description WebRTC used the memory address of a class instance as a connection identifier. Unfortunately, this value is often transmitted to the peer, which allows bypassing ASLR. References Bug 1642792 #CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture Reporter Reported by Pawel Wylecial of REDTEAM.PL Impact moderate Description Crafted media files could lead to a race in texture caches, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. References Bug 1635293 #CVE-2020-15650: Overwriting local files through malicious file picker application Reporter Pedro Oliveira Impact moderate Description Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile).Note: This issue only affected Firefox for Android. Other operating systems are unaffected. References Bug 1652360 #CVE-2020-15649: Exfiltrating local files through malicious file picker application Reporter Pedro Oliveira Impact moderate Description Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked.Note: This issue only affected Firefox for Android. Other operating systems are unaffected. References Bug 1652364 #CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 Reporter Mozilla developers Impact high Description Mozilla developers Jason Kratzer and Luke Wagner reported memory safety bugs present in Firefox 78 and Firefox ESR 68.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. References Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
Moderators hazelnut Posted August 12, 2020 Moderators Share Posted August 12, 2020 I strongly suggest FF users read this. Especially the comments under the article... it doesn't sound good. https://www.ghacks.net/2020/08/11/mozilla-lays-off-250-employees-in-massive-company-reorganization/ In case anyone misses this link too in the comments under the article https://twitter.com/MichalPurzynski/status/1293220570885062657 ''They killed entire threat management team. Mozilla is now without detection and incident response'' Support contact https://support.piriform.com/hc/en-us/requests/new?ticket_form_id=86507 support@ccleaner.com Link to comment Share on other sites More sharing options...
Moderators Andavari Posted August 12, 2020 Moderators Share Posted August 12, 2020 Reminds me of what I was saying the other day about needing browser alternatives instead of umpteen Chromium/Chrome clones (i.e.; like needing something like Edge Legacy), I thought Firefox was on borrowed time now this. Link to comment Share on other sites More sharing options...
Moderators nukecad Posted August 12, 2020 Moderators Share Posted August 12, 2020 A lot of companies seem to be using C-19 as an excuse to do what they wanted to anyway. (Laying off staff, cutting product ranges, increasing prices, etc). Much easier to blame 'the plauge' rather than admit it's a business decision. Did you see the other day that Eurostar claimed that only First Class passengers could now access wifi on their cross-channel trains "due to coronavirus"? Hard to see how a disease in humans could affect in-tunnel wifi broadcast for some parts of a train but not others, but of course if you pay the extra for first class..... (They have since u-turned and restored wifi to standard class, they must have found a miracle cure). As far as mozilla, I suspect that someone has realised that the open source community seem to do most of their work for them so why are they paying all these employees? The comments about the diversity of new (unwanted?) initiatives and products rather than concentrating on the core product is something that always happens. (Years ago Kellogs moving into other cereals and not just cornflakes simply lost them most of the cornflake market). It seems to be happening with quite a few software companies at the moment, I see it as a wave of 'new' executives trying to make an impression by championing new products and forgetting what the company is about. I see Firefox continuing, run by the open source community, but mozilla maybe not. I'm not sure about the security issue, not knowing just what that team were doing anyway, we'll see what comes out in the wash once all the shouting dies down. With Malwarebytes Browser Guard and MB Anti-Exploit both running real time, I'm not too worried yet. *** Out of Beer Error ->->-> Recovering Memory *** Worried about 'Tracking Files'? Worried about why some files come back after cleaning? See this link:https://community.ccleaner.com/topic/52668-tracking-files/?tab=comments#comment-300043 Link to comment Share on other sites More sharing options...
Moderators hazelnut Posted August 12, 2020 Moderators Share Posted August 12, 2020 I think Firefox is in trouble. People are moving to other browsers because of problems the latest builds have caused. Support contact https://support.piriform.com/hc/en-us/requests/new?ticket_form_id=86507 support@ccleaner.com Link to comment Share on other sites More sharing options...
Moderators Andavari Posted August 12, 2020 Moderators Share Posted August 12, 2020 3 hours ago, hazelnut said: I think Firefox is in trouble. People are moving to other browsers because of problems the latest builds have caused. That's why I've been using ESR Portable builds for a few years now. It's still my primary browser but it was difficult to migrate back to it after years of only using Chromium clones. Link to comment Share on other sites More sharing options...
nikki605 Posted August 14, 2020 Share Posted August 14, 2020 Another article here: https://www.theregister.com/2020/08/14/mozilla_google_search/ Win10 Pro x64 Desktop (Speccy) - Win10 Pro x64 Laptop (Speccy) Link to comment Share on other sites More sharing options...
nikki605 Posted August 14, 2020 Share Posted August 14, 2020 FWIW Mozilla just told us it will use Rust directly within Firefox rather than in a separate Servo project: "Going forward, we will be writing many new browser components in Rust directly in Firefox rather than in a separate project." Tweet from The Register: Win10 Pro x64 Desktop (Speccy) - Win10 Pro x64 Laptop (Speccy) Link to comment Share on other sites More sharing options...
namarang Posted August 27, 2020 Share Posted August 27, 2020 Hello friends How can I set the Mozillar history section like Chrome to display all of yesterday's work every day I turn on the system? Link to comment Share on other sites More sharing options...
namarang Posted August 27, 2020 Share Posted August 27, 2020 (edited) Does Mozillar have a language translator like Chrome? Edited August 27, 2020 by namarang Link to comment Share on other sites More sharing options...
trium Posted August 28, 2020 Share Posted August 28, 2020 @namarang im afraid I can't give you any helpful statements for that ... i dont use such options with firefox. perhaps can help some of the others here Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
trium Posted August 28, 2020 Share Posted August 28, 2020 ff v80.0 25. august 2020 New Firefox can now be set as the default system PDF viewer. The name reported by accessibility tools for items in multi-tiered tree controls no longer incorrectly includes information from items at deeper levels, providing users with the correct level of content when using a screen reader. Fixed Various security fixes. Several crashes while using a screen reader were fixed including a frequently encountered crash when using the JAWS screen reader. Firefox Developer Tools received significant fixes allowing screen reader users to benefit from some of the tools that were previously inaccessible. SVG title and desc elements (labels and descriptions) are now correctly exposed to assistive technology products such as screen readers. Changed For users with reduced motion settings, we’ve reduced a number of animations such as tab loading to reduce motion for users with migraines and epilepsy. The new add-ons blocklist has been enabled to improve performance and scalability. Enterprise A number of bug fixes and new policies have been implemented in the latest version of Firefox. You can see more details in the Firefox for Enterprise 80 Release Notes. Today’s release is the final scheduled for Firefox 68 ESR (68.12) unless there is a critical security issue found prior to the release of Firefox ESR 78.3 on September 22, 2020. Users of Firefox 68 ESR will be automatically upgraded to the Firefox 78 ESR series with the release of 78.3. Developer Developer Information We’ve shipped an experimental sidebar panel in the inspector to Firefox Developer Edition that helps developers more quickly identify potential browser compatibility problems based on MDN data. In the Network Monitor request list, a turtle icon is shown for "slow" requests that exceed a threshold for the waiting time. Firefox now supports RTX and Transport-cc for improved call quality in poor network conditions and better bandwidth estimation. These features also provide better compatibility with many websites using WebRTC. Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
trium Posted August 28, 2020 Share Posted August 28, 2020 ff v68.12.0 esr 25. august 2020 Fixed Various security fixes Quote Security Vulnerabilities fixed in Firefox ESR 68.12 Announced August 25, 2020 Impact high Products Firefox ESR Fixed in Firefox ESR 68.12 #CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege Reporter Xiaoyin Liu Impact high Description If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to a previous version which would have allowed exploitation of an older bug and arbitrary code execution with System Privileges.Note: This issue only affected Windows operating systems. Other operating systems are unaffected. References Bug 1643199 #CVE-2020-15664: Attacker-induced prompt for extension installation Reporter Kaizer Soze Impact high Description By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious extension being installed. References Bug 1658214 #CVE-2020-15669: Use-After-Free when aborting an operation Reporter Jason Kratzer Impact high Description When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. References Bug 1656957 Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
trium Posted September 3, 2020 Share Posted September 3, 2020 ff v80.0.1 01. sept 2020 Fixed Fixed a performance regression when encountering new intermediate CA certificates (bug 1661543) Fixed crashes possibly related to GPU resets (bug 1627616) Fixed rendering on some sites using WebGL (bug 1659225) Fixed the zoom-in keyboard shortcut on Japanese language builds (bug 1661895) Fixed download issues related to extensions and cookies (bug 1655190) Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
trium Posted September 30, 2020 Share Posted September 30, 2020 ff v81.0 22. sept. 2020 New You can pause and play audio or video in Firefox right from your keyboard or headset, giving you easy access to control your media when in another Firefox tab, another program, or even when your computer is locked. In addition to our default, dark and light themes, with this release, Firefox introduces the Alpenglow theme: a colorful appearance for buttons, menus, and windows. You can update your Firefox themes under settings or preferences. For our users in the US and Canada, Firefox can now save, manage, and auto-fill credit card information for you, making shopping on Firefox ever more convenient. To ensure the smoothest experience, this will be rolling out to users gradually. Firefox supports AcroForm, which will soon allow you to fill in, print, and save supported PDF forms and the PDF viewer also has a new fresh look. Our users in Austria, Belgium and Switzerland using the German version of Firefox will now see Pocket recommendations in their new tab featuring some of the best stories on the web. If you don’t see them, you can turn on Pocket articles in your new tab by following these steps. In addition to Firefox’s new tab, Pocket is also available as an app on iOS and Android. Fixed Various security fixes. We’ve fixed a bug for users of language packs where the default language was reset to English after Firefox updates. Browser native HTML5 audio/video controls received several important accessibility fixes: Audio/video controls remain accessible to screen readers even when they are temporarily hidden visually. Audio/video elapsed and total time are now accessible to screen readers where they weren't previously. Various unlabelled controls are now labelled making them identifiable to screen readers. Screen readers no longer intrusively report progress information unless the user requests it. Changed You will soon find Picture-in-Picture more easily on all the videos you watch with new iconography. The bookmarks toolbar is now automatically revealed once bookmarks are imported into Firefox, making it easier to find your most important websites. We have expanded our supported file types - .xml, .svg, and .webp - so files you’ve downloaded can be opened right in Firefox. Enterprise Various bug fixes and new policies have been implemented in the latest version of Firefox. You can see more details in the Firefox for Enterprise 81 Release Notes. Developer Developer Information TypeScript files are now properly identified in the Debugger panel and labeled with corresponding icons making it easier for you to find these files in the list. HTTP JSON responses using XSSI prevention characters are properly parsed and JSON data presented in a form of an expandable tree. This allows easy inspection of such HTTP responses through traditional (expandable) tree UI. It’s possible to pause on script first statement, which is useful e.g. in cases where developers want to debug side effects caused by script execution or timers. The color vision deficiency simulation in the accessibility panel of Developer Tools is now more accurate. We removed protanomaly, deuteranomaly and tritanomaly and added achromatopsia. Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
trium Posted September 30, 2020 Share Posted September 30, 2020 ff v78.1.0 esr 28. july 2020 Fixed Various stability, functionality, and security fixes Quote Security Vulnerabilities fixed in Firefox ESR 78.1 Announced July 28, 2020 Impact high Products Firefox ESR Fixed in Firefox ESR 78.1 #CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker Reporter Mikhail Oblozhikhin Impact high Description By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. References Bug 1634872 #CVE-2020-6514: WebRTC data channel leaks internal address to peer Reporter Natalie Silvanovich of Google Project Zero Impact high Description WebRTC used the memory address of a class instance as a connection identifier. Unfortunately, this value is often transmitted to the peer, which allows bypassing ASLR. References Bug 1642792 #CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy Reporter Rob Wu Impact high Description Mozilla Developer Rob Wu discovered that a redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. References Bug 1645204 #CVE-2020-15653: Bypassing iframe sandbox when allowing popups Reporter Anne van Kesteren Impact moderate Description Mozilla developer Anne van Kesteren discovered that <iframe sandbox> with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. References Bug 1521542 #CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture Reporter Reported by Pawel Wylecial of REDTEAM.PL Impact moderate Description Crafted media files could lead to a race in texture caches, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. References Bug 1635293 #CVE-2020-15656: Type confusion for special arguments in IonMonkey Reporter Carl Smith, working with Google Project Zero Impact moderate Description JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. References Bug 1647293 #CVE-2020-15658: Overriding file type when saving to disk Reporter belden Impact low Description The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. References Bug 1637745 #CVE-2020-15657: DLL hijacking due to incorrect loading path Reporter Steve Nyan Lin Impact low Description Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory.Note: This issue only affected Windows operating systems. Other operating systems are unaffected. References Bug 1644954 #CVE-2020-15654: Custom cursor can overlay user interface Reporter SophosLabs Offensive Security team Impact low Description When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. References Bug 1648333 #CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1 Reporter Mozilla developers and community Impact high Description Mozilla developers and community members Natalia Csoregi, Simon Giesecke, Jason Kratzer, Christian Holler, and Luke Wagner reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. References Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1 Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
trium Posted September 30, 2020 Share Posted September 30, 2020 ff v78.2.0 esr 25. august 2020 Fixed Various stability, functionality, and security fixes Quote Security Vulnerabilities fixed in Firefox ESR 78.2 Announced August 25, 2020 Impact high Products Firefox ESR Fixed in Firefox ESR 78.2 #CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege Reporter Xiaoyin Liu Impact high Description If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to a previous version which would have allowed exploitation of an older bug and arbitrary code execution with System Privileges.Note: This issue only affected Windows operating systems. Other operating systems are unaffected. References Bug 1643199 #CVE-2020-15664: Attacker-induced prompt for extension installation Reporter Kaizer Soze Impact high Description By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious extension being installed. References Bug 1658214 #CVE-2020-15670: Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2 Reporter Mozilla developers and community Impact high Description Mozilla developers Jason Kratzer, Christian Holler, and Byron Campen reported memory safety bugs present in Firefox 79 and Firefox ESR 78.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. References Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2 Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
trium Posted September 30, 2020 Share Posted September 30, 2020 ff v78.3.0 esr 22. sept. 2020 Fixed Various stability, functionality, and security fixes Quote Security Vulnerabilities fixed in Firefox ESR 78.3 Announced September 22, 2020 Impact moderate Products Firefox ESR Fixed in Firefox ESR 78.3 #CVE-2020-15677: Download origin spoofing via redirect Reporter Richard Thomas and Tom Chothia of University of Birmingham Impact moderate Description By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. References Bug 1641487 #CVE-2020-15676: XSS when pasting attacker-controlled data into a contenteditable element Reporter Daniel Fröjdendahl Impact moderate Description Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. References Bug 1646140 #CVE-2020-15678: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario Reporter Lukas Bernhard Impact moderate Description When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. References Bug 1660211 #CVE-2020-15673: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 Reporter Jason Kratzer Impact high Description Mozilla developer Jason Kratzer reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. References Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
trium Posted October 9, 2020 Share Posted October 9, 2020 ff v81.0.1 01. october 2020 Fixed Fixed missing content on Blackboard course listings (bug 1665447) Resolved incorrect scaling of Flash content on HiDPI macOS systems (bug 1667267) Fixes for various printing issues (bug 1667342, bug 1667510, bug 1667723) Fixed legacy preferences not being properly applied when set via GPO (bug 1666836) Fixed Picture-in-Picture controls being visible on audio-only page elements (bug 1666775) Fixed high memory growth with addons such as Disconnect installed, causing browser responsiveness issues over time (bug 1658571) Various stability improvements (bug 1661485, bug 1664542, bug 1664843) Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
trium Posted October 9, 2020 Share Posted October 9, 2020 ff v78.3.1 esr 01. october 2020 Fixed Fixed legacy preferences not being properly applied when set via GPO (bug 1666836) Versions of CCleaner Cloud; Introduction Ccleaner Cloud; Ccleaner-->System-Requirements; Ccleaner FAQ´s; Ccleaner builds; Scheduling Ccleaner Free Es ist möglich, keine Fehler zu machen und dennoch zu verlieren. Das ist kein Zeichen von Schwäche. Das ist das Leben -> "Picard" Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now