This one caught my eye. Normally browser reports are fairly edge-case scenarios that cause crashes, local DDOSs etc. However, buried at the bottom of this one we see:
Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
I take this to mean potentially letting a foreign website run arbitrary (I’m assuming “un-sandboxed”) code on the machines running Firefox. This isn’t on my Christmas wish-list! It looks like my auto-updates have me on 120; for Firefox users, it might be worth checking you’re not on 119 …
I’ve always been in the habit of lagging behind version numbers (e.g. of Ubuntu) until most of the problems have been ironed out.
I am on FF 119.0 with no obvious automatic update, so I guess sticking with 119 for a while would be a good move. On the other hand, who knows what problems lurk beneath even this version?
Mmm, Ubuntu provide Firefox as a snap (same for Chromium), which is great: an additional layer of protection, having it inside a container. This may be why they’re not as concerned as they might be, i.e. any exploit would also run inside the container.
My expectation would be that all versions in the snap store should be up-to-date, so “snap refresh” should be all you need … unless you don’t have snap installed?
From a security perspective, I always (these days) prefer snap installs over apt. In the future I can see all non-system packaging going this way, with apt being reserved for system / OS packages. Whereas snap took a while to mature and still has some shortcomings, the risks of apt-installed “applications” are becoming significant.
You are quite right tho’, they are forever introducing new problems in new versions, all the more reason to use the snap …