Opened 7 months ago
Closed 7 months ago
New point version.
Awaiting release notes (84.0.2 also released and awaiting notes).
Looking at a diff, I can see a broken warning being removed on very old clang and the removal of related clang diagnostics in a Codegen.py file,the webgpu fixes re _0 for cbindgen-0.16.0, but also changes to an sctp file.
Mozilla marks this update as Critical:
Security Vulnerabilities fixed in Firefox 84.0.2, Firefox for Android 84.1.3, and Firefox ESR 78.6.1
January 6, 2021
Firefox, Firefox ESR, Firefox for Android
Firefox ESR 78.6.1
Firefox for Android 84.1.3
#CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free. We presume that with enough effort it could have been exploited to run arbitrary code.
The release notes are now available - other than the above security fix, there is a fix for video playback on Apple Silicon.
Thanks, I've just got to the notes.
I find it amusing that the source tarball for 78.6.1 is smaller than for 78.6.0 when the short diff between them suggests 51 lines of code were deleted and 103 lines added.
Powered by Trac 1.5.3.dev0
By Edgewall Software
© 1998-2021 Gerard Beekmans.