Mozilla just released the first security update, Firefox 85.0.1, to the version 85 branch. Besides the security fixes, the release is also notable for minor fixes and general improvements.
Firefox 85.0.1 comes with the following changes.
What's new in Firefox 85.0.1
- Prevent access to NTFS special paths that could lead to filesystem corruption.
- Fixed a crash when authenticating to websites using SPNEGO on macOS devices with Apple Silicon CPUs.
- Avoid printing an extra blank page at the end of some documents.
- Fixed a browser crash in case of unexpected Cache API state.
- FIxed external URL scheme handlers when using the Firefox flatpak
There is also a security fix. It resolves a critical vulnerability in the browser.
Buffer overflow in depth pitch calculations for compressed textures
In the Angle graphics library, depth pitch computations did not take into account the block size and simply multiplied the row pitch with the pixel height. This caused the load functions to use a very high depth pitch, reading past the end of the user-supplied buffer.
This was fixes Firefox 85.0.1 and Firefox ESR 78.7.1.
The release notes can be found here.
Firefox 85 was released on January 26, 2021, and brought a number of improvements to the browser. You can now delete all saved account data at once, show the Bookmarks bar on a new tab page, and more.