In case someone missed this (i did :(, story from a week ago), forks also should be updated by now
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-9680 (CVSS score: 9.8), has been described as a use-after-free bug in the Animation timeline component.
The issue has been addressed in the following versions of the web browser -
Firefox 131.0.2
Firefox ESR 128.3.1, and
Firefox ESR 115.16.1.
I assume this also affects mobile Firefox like Firefox/Fennec for Android? The version of Fennec on F-Droid is like 2 months old.
Nope. https://www.mozilla.org/en-US/security/advisories/mfsa2024-45/ < this clearly has “For Android” in it, which https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ doesn’t.
I haven’t seen mentions of mobile anywhere maybe its sufficiently different?