Oct. 10, 2022 Pavel Vasenkov 102.3.0-alt1
- New ESR version.
- Security fixes:
+ CVE-2022-3266 Out of bounds read when decoding H264
+ CVE-2022-40959 Bypassing FeaturePolicy restrictions on transient pages
+ CVE-2022-40960 Data-race when parsing non-UTF-8 URLs in threads
+ CVE-2022-40958 Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
+ CVE-2022-40956 Content-Security-Policy base-uri bypass
+ CVE-2022-40957 Incoherent instruction cache when building WASM on ARM64
+ CVE-2022-40962 Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3