Urgent Firefox Alert: Critical Memory Corruption Flaws (CVSS 9.8) Allow Remote Code Execution
Urgent Firefox Alert: Critical Memory Corruption Flaws (CVSS 9.8) Allow Remote Code Execution
Mozilla has issued an urgent update for Firefox, patching two critical memory corruption flaws (CVSS 9.8) that could allow remote code execution. Update now!
Are forks like Librewolf also affected? And have they been updated?
Are forks like Librewolf also affected?
Yes
And have they been updated?
Librewolf is in the process of updating; perhaps some distributions of it have released new binaries already but the flathub release is still 139.0.1. In git you can see they bumped the version to get 139.0.4 (the version with the fix) here, 18 hours ago; presumably flathub will get that in the near future.
I guess an LLM wrote this:
All Firefox users—especially those on versions prior to 139.0.4—should:
- Update immediately to version 139.0.4 via built-in browser update tools or Mozilla’s official download page.
🙄
Cool!
good to know thanks
im sorta glad im not working. I could just see coming in and security has disabled running firefox.