Changelog:
New
* You'll encounter less website breakage in Private Browsing and Strict
Enhanced Tracking Protection with SmartBlock, which provides stand-in
scripts so that websites load properly.
* To further protect your privacy, our new default HTTP Referrer policy will
trim path and query string information from referrer headers to prevent
sites from accidentally leaking sensitive user data.
* The "Highlight All" feature on Find in Page now displays tick marks
alongside your scrollbar that correspond to the location of matches found
on that page.
* We're proud to announce full support for macOS built-in screen reader,
VoiceOver.
* We've added a new locale: Silesian (szl)
Fixed
* We've fixed several significant accessibility issues:
+ Video controls now have visible focus styling and video and audio
controls are now keyboard navigable. (Bug 1681007)
+ HTML <meter> is now spoken by screen readers. (Bug 1460378)
+ Firefox now sets a useful initial focus in Add-ons Manager. (Bug 580537
)
+ Firefox will now fire a name/description change event when
aria-labelledby/describedby content changes. (Bug 493683)
* Various security fixes.
Changed
* To prevent user data loss when filling out forms, we've disabled the
Backspace key as a navigation shortcut for the back navigation button. To
re-enable the Backspace keyboard shortcut, you can change the about:config
preference browser.backspace_action to 0. You can also use the recommended
Alt + Left arrow (Command + Left arrow on Mac) shortcut instead.
Firefox keyboard shortcuts
* We've removed items from the Library menu that weren't used often or have
other access points in the browser: Synced tabs, Recent highlights, and
Pocket list.
* We've simplified the Help menu by reducing redundant items, such as those
that point to Firefox support pages that can also be accessed via the Get
Help item.
Enterprise
* Various bug fixes and new policies have been implemented in the latest
version of Firefox. You can see more details in the Firefox for Enterprise
87 Release Notes.
Developer
* Developer Information
* We've greatly simplified the Web Developer menu. Go to Application Menu >
Web Developer > Web Developer Tools to access Inspector, Web Console,
Debugger, Network Style Error, Performance, Storage Inspector,
Accessibility, and Application
* Developers can now use the Page Inspector to simulate prefers-color-scheme
media queries, without having to change the operating system to light or
dark mode.
* Developers can now use the Page Inspector to toggle the :target
pseudo-class for the currently selected element in addition to the
pseudo-classes that were previously supported: :hover, :active and :focus,
:focus-within, :focus-visible, and :visited.
* There is a number of Page Inspector improvements and bug fixes related to
inactive CSS rules:
+ The table-layout property is now marked as inactive for non-table
elements.
+ The scroll-padding properties (shorthand and longhand) are now marked
as inactive for non-scrollable elements.
+ The text-overflow property was previously incorrectly marked as
inactive for some overflow values.
Securiy fixes:
#CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an
out-of-bound read
#CVE-2021-23982: Internal network hosts could have been probed by a malicious
webpage
#CVE-2021-23983: Transitions for invalid ::marker properties resulted in memory
corruption
#CVE-2021-23984: Malicious extensions could have spoofed popup information
#CVE-2021-23985: Devtools remote debugging feature could have been enabled
without indication to the user
#CVE-2021-23986: A malicious extension could have performed credential-less
same origin policy violations
#CVE-2021-23987: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9
#CVE-2021-23988: Memory safety bugs fixed in Firefox 87
Changelog:
86.0.1
Firefox Release
March 11, 2021
Version 86.0.1, first offered to Release channel users on March 11, 2021
-------------------------------------------------------------------------------
#
Fixed
* Fixed an issue on Apple Silicon machines that caused Firefox to be
unresponsive after system sleep (bug 1682713)
* Fixed an issue causing windows to gain or lose focus unexpectedly (bug
1694927)
* Fixed truncation of date and time widgets due to incorrect width
calculation (bug 1695578)
* Fixed an issue causing unexpected behavior with extensions managing tab
groups (bug 1694699)
* Fixed a frequent Linux crash on browser launch (bug 1694670)
Changelog:
New
* Firefox now supports simultaneously watching multiple videos in
Picture-in-Picture.
* Today, Firefox introduces Total Cookie Protection to Strict Mode. In Total
Cookie Protection, every website gets its own "cookie jar," preventing
cookies from being used to track you from site to site.
* We've improved our Print functionality with a cleaner design and better
integration with your computer's printer settings.
* For Firefox users in Canada, credit card management and auto-fill are now
enabled.
* Notable performance and stability improvements are achieved by moving
canvas drawing and WebGL drawing to the GPU process.
Fixed
* Reader mode now works with local HTML pages.
* Using screen reader quick navigation to move to editable text controls no
longer incorrectly reaches non-editable cells in some grids such as on
messenger.com.
* The Orca screen reader's mouse review feature now works correctly after
switching tabs in Firefox.
* Screen readers no longer report column headers incorrectly in tables
containing cells spanning multiple columns.
* Links in Reader View now have more color contrast.
* Various security fixes.
Changed
* On Linux and Android, the protection to mitigate the stack clash attack has
been activated.
* From Firefox 86 onward, DTLS 1.0 is no longer supported for establishing
WebRTC's PeerConnections. All WebRTC services need to support DTLS 1.2 from
now on as the minimum version.
* Consolidated all video decoding in the new RDD process which results in a
more secure Firefox.
Enterprise
* Various bug fixes and new policies have been implemented in the latest
version of Firefox. You can see more details in the Firefox for Enterprise
86 Release Notes.
Developer
* Developer Information
* CSS image-set() function in CSS is now enabled, allowing for responsive
images in CSS.
* Inactive CSS tool is now showing a warning when margin or padding is set on
internal table elements.
Inactive CSS screenshot
* Developer Tools Toolbox is now showing a number of errors on the current
page. This is a quick way to surface information to a developer that
something is wrong with their page. Clicking on the red exclamation icon
navigates the user to the Console panel.
Develeoper tools: screenshot of number of errors
Security fixes:
#CVE-2021-23969: Content Security Policy violation report could have contained
the destination of a redirect
#CVE-2021-23970: Multithreaded WASM triggered assertions validating separation
of script domains
#CVE-2021-23968: Content Security Policy violation report could have contained
the destination of a redirect
#CVE-2021-23974: noscript elements could have led to an HTML Sanitizer bypass
#CVE-2021-23971: A website's Referrer-Policy could have been be overridden,
potentially resulting in the full URL being sent as a Referrer
#CVE-2021-23976: Local spoofing of web manifests for arbitrary pages in Firefox
for Android
#CVE-2021-23977: Malicious application could read sensitive data from Firefox
for Android's application directories
#CVE-2021-23972: HTTP Auth phishing warning was omitted when a redirect is
cached
#CVE-2021-23975: about:memory Measure function caused an incorrect pointer
operation
#CVE-2021-23973: MediaError message property could have leaked information
about cross-origin resources
#CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
#CVE-2021-23979: Memory safety bugs fixed in Firefox 86
Changelog:
Fixed
Security fix
Prevent access to NTFS special paths that could lead to filesystem corruption.
Fixed a crash when authenticating to websites using SPNEGO on macOS devices with Apple Silicon CPUs (bug 1685427).
Avoid printing an extra blank page at the end of some documents (bug 1689789).
Fixed a browser crash in case of unexpected Cache API state (bug 1684838).
Fixed external URL scheme handlers when using the Firefox flatpak (bug 1688966)
Security fix:
#MOZ-2021-0001: Buffer overflow in depth pitch calculations for compressed textures
Changelog:
New
* Firefox now protects you from supercookies, a type of tracker that can stay
hidden in your browser and track you online, even after you clear cookies.
By isolating supercookies, Firefox prevents them from tracking your web
browsing from one site to the next.
* It??s easier than ever to save and access your bookmarks. Firefox now
remembers your preferred location for saved bookmarks, displays the
bookmarks toolbar by default on new tabs, and gives you easy access to all
of your bookmarks via a toolbar folder.
* The password manager now allows you to remove all of your saved logins with
one click, as opposed to having to delete each login individually.
Fixed
* Various security fixes.
Changed
* Firefox no longer supports Adobe Flash. There is no setting available to
re-enable Flash support.
Enterprise
* Various bug fixes and new policies have been implemented in the latest
version of Firefox. You can see more details in the Firefox for Enterprise
85 Release Notes.
Developer
* Developer Information
* CSS: We have added support for the :focus-visible pseudo class.
* It's possible to prettify JS expressions in Console source code Editor
(available in multiline mode) using a new toolbar button.
Console Editor Pretty Print Expression Screenshot
Security fixes:
#CVE-2021-23953: Cross-origin information leakage via redirected PDF requests
#CVE-2021-23954: Type confusion when using logical assignment operators in
JavaScript switch statements
#CVE-2021-23955: Clickjacking across tabs through misusing requestPointerLock
#CVE-2021-23956: File picker dialog could have been used to disclose a complete
directory
#CVE-2021-23957: Iframe sandbox could have been bypassed on Android via the
intent URL scheme
#CVE-2021-23958: Screen sharing permission leaked across tabs
#CVE-2021-23959: Cross-Site Scripting in error pages on Firefox for Android
#CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript
variables during GC
#CVE-2021-23961: More internal network hosts could have been probed by a
malicious webpage
#CVE-2021-23962: Use-after-poison in <code>nsTreeBodyFrame::RowCountChanged</
code>
#CVE-2021-23963: Permission prompt inaccessible after asking for additional
permissions
#CVE-2021-23964: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
#CVE-2021-23965: Memory safety bugs fixed in Firefox 85
Changelog:
Fixed
* Fixed problems loading secure websites and crashes for users with certain
third-party PKCS11 modules and smartcards installed (bug 1682881).
* Fixed slower than expected performance and flickering on Canvas elements
for some Windows users (bug 1683116).
* Fixed a bug causing some Unity JS games to not load on Apple Silicon
devices due to improper detection of the OS version (bug 1680516).
* Fixed crashes caused by various third-party antivirus software.
Changelog:
New
* Native support for macOS devices built with Apple Silicon CPUs brings
dramatic performance improvements over the non-native build that was
shipped in Firefox 83: Firefox launches over 2.5 times faster and web apps
are now twice as responsive (per the SpeedoMeter 2.0 test). If you are on a
new Apple device, follow these steps to upgrade to the latest Firefox.
* WebRender rolls out to MacOS Big Sur, Windows devices with Intel Gen 6
GPUs, and Intel laptops running Windows 7 and 8. Additionally we'll ship an
accelerated rendering pipeline for Linux/GNOME/X11 users for the first
time, ever!
* Firefox now uses more modern techniques for allocating shared memory on
Linux, improving performance and increasing compatibility with Docker.
* Firefox 84 is the final release to support Adobe Flash.
Fixed
* Various security fixes
#CVE-2020-16042: Operations on a BigInt could have caused uninitialized memory
to be exposed
#CVE-2020-26971: Heap buffer overflow in WebGL
#CVE-2020-26972: Use-After-Free in WebGL
#CVE-2020-26973: CSS Sanitizer performed incorrect sanitization
#CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free
#CVE-2020-26975: Malicious applications on Android could have induced Firefox
for Android into sending arbitrary attacker-specified headers
#CVE-2020-26976: HTTPS pages could have been intercepted by a registered
service worker when they should not have been
#CVE-2020-26977: URL spoofing via unresponsive port in Firefox for Android
#CVE-2020-26978: Internal network hosts could have been probed by a malicious
webpage
#CVE-2020-26979: When entering an address in the address or search bars, a
website could have redirected the user before they were navigated to the
intended url
#CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs
#CVE-2020-35112: Opening an extension-less download may have inadvertently
launched an executable instead
#CVE-2020-35113: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
Changelog:
Version 83.0, first offered to Release channel users on November 17, 2020
New
* Firefox keeps getting faster as a result of significant updates to
SpiderMonkey, our JavaScript engine, you will now experience improved page
load performance by up to 15%, page responsiveness by up to 12%, and
reduced memory usage by up to 8%. We have replaced part of the JavaScript
engine that helps to compile and display websites for you, improving
security and maintainability of the engine at the same time.
* Firefox introduces HTTPS-Only Mode. When enabled, this new mode ensures
that every connection Firefox makes to the web is secure and alerts you
when a secure connection is not available. You can enable it in Firefox
Preferences.
* Pinch zooming will now be supported for our users with Windows touchscreen
devices and touchpads on Mac devices. Firefox users may now use pinch to
zoom on touch-capable devices to zoom in and out of webpages.
* Picture-in-Picture now supports keyboard shortcuts for fast forwarding and
rewinding videos: use the arrow keys to move forward and back 15 seconds,
along with volume controls. For a list of supported commands see Support
Mozilla
* When you are presenting your screen on a video conference in Firefox, you
will see our improved user interface that makes it clearer which devices or
displays are being shared.
* We've improved functionality and design for a number of Firefox search
features:
+ Selecting a search engine at the bottom of the search panel now enters
search mode for that engine, allowing you to see suggestions (if
available) for your search terms. The old behavior (immediately
performing a search) is available with a shift-click.
+ When Firefox autocompletes the URL of one of your search engines, you
can now search with that engine directly in the address bar by
selecting the shortcut in the address bar results.
+ We've added buttons at the bottom of the search panel to allow you to
search your bookmarks, open tabs, and history.
* Firefox supports AcroForm, which will allow you to fill in, print, and save
supported PDF forms and the PDF viewer also has a new fresh look.
* Our users in India on the English build of Firefox will now see Pocket
recommendations in their new tab featuring some of the best stories on the
web. If you don't see them, you can turn on Pocket articles in your new
tab by following these steps.
* For the recently released Apple devices built with Apple Silicon CPUs, you
can use Firefox 83 and future releases without any change. This release
(83) will support emulation under Apple's Rosetta 2 that ships with macOS
Big Sur. We are working toward Firefox being natively-compiled for these
CPUs in a future release.
* This is a major release for WebRender as we roll out to more Firefox users
on Windows 7 and 8 as well as on macOS 10.12 to 10.15.
Fixed
* This release also includes a number of accessibility fixes:
+ Screen reader features which report paragraphs now correctly report
paragraphs instead of lines in Google Docs
+ When reading by word using a screen reader, words are now correctly
reported when there is punctuation nearby
+ The arrow keys now work correctly after tabbing in the
picture-in-picture window
* For users on macOS restoring a session with minimized windows, Firefox now
uses much less power and you should see much longer battery life.
* Various security fixes
Security fixes:
#CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code
#CVE-2020-26952: Out of memory handling of JITed, inlined functions could lead to a memory corruption
#CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls
#CVE-2020-26953: Fullscreen could be enabled without displaying the security UI
#CVE-2020-26954: Local spoofing of web manifests for arbitrary pages in Firefox for Android
#CVE-2020-26955: Cookies set during file downloads are shared between normal and Private Browsing Mode in Firefox for Android
#CVE-2020-26956: XSS through paste (manual and clipboard API)
#CVE-2020-26957: OneCRL was not working in Firefox for Android
#CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions
#CVE-2020-26959: Use-after-free in WebRequestService
#CVE-2020-26960: Potential use-after-free in uses of nsTArray
#CVE-2020-15999: Heap buffer overflow in freetype
#CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
#CVE-2020-26962: Cross-origin iframes supported login autofill
#CVE-2020-26963: History and Location interfaces could have been used to hang the browser
#CVE-2020-26964: Firefox for Android's Remote Debugging via USB could have been abused by untrusted apps on older versions of Android
#CVE-2020-26965: Software keyboards may have remembered typed passwords
#CVE-2020-26966: Single-word search queries were also broadcast to local network
#CVE-2020-26967: Mutation Observers could break or confuse Firefox Screenshots feature
#CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
#CVE-2020-26969: Memory safety bugs fixed in Firefox 83
The python 2 dependency was seemingly removed in Firefox 78.0 so we
can remove those old hacks.
Firefox needs clang for some unknown part of the build process (rust
related?), even if building with GCC.
The previous solution in pkgsrc was to force the use of clang, because
pkgsrc provides cwrappers which provided gcc-as-clang, which broke
everything. Instead, override the clang wrapper with the actual clang
executable.
This means the majority of the build happens with GCC (or ccache, distcc,
whatever the user chooses, rather than overriding it with clang). Should help
sparc64, where clang doesn't work too well.
Full build tested on NetBSD/amd64.
mk/endian.mk includes mk/compiler.mk and PKG_CC and PKG_CXX were
effective.
Now mk/endian.mk has been removed and include mk/compiler.mk
explicitly to use clang only.
Reported by martin@ on tech-pkg@.
Tested on amd64. This means that text relocations are now fatal.
Hopefully other architectures don't have additional ways to be not-mprotect-
safe, but there is always the possibility.
No obvious performance difference in an older (non-wasm) javascript benchmark.
Avoid an unnecessary prompt to reboot when using the full installer on Windows (bug 1671715)
Restored the ability to print on paper whose width or height is larger than 100 inches, e.g. for receipts (bug 1672370)
Fixed printing of documents with margins of zero, e.g. some PDFs (bug 1672529)
Fixed handling of the WebDriver:ClickElement command in the marionette testing framework (bug 1666755)
Stability fix (bug 1660539)
New:
With this release, Firefox introduces a number of improvements that make watching videos more delightful:
the Picture-In-Picture button has a new look and position, making it easier for you to find and use the feature.
Picture-In-Picture now has a keyboard shortcut for Mac users (Option + Command + Shift + Right bracket) that works before you start playing the video.
For Windows users, Firefox now uses DirectComposition for hardware decoded video, which will improve CPU and GPU usage during video playback, improving battery life.
Firefox is faster than ever with improved performance on both page loads and start up time:
Websites that use flexbox-based layouts load 20% faster than before;
Restoring a session is 17% quicker, meaning you can more quickly pick up where you left off;
For Windows users, opening new windows got quicker by 10%.
You can now explore new articles when you save a webpage to Pocket from the Firefox toolbar.
WebRender continues to roll out to more Firefox users on Windows.
Fixed:
Screen reader features which report paragraphs now correctly report paragraphs in Firefox instead of lines.
Various security fixes.
Changelog:
Fixed
Fixed missing content on Blackboard course listings (bug 1665447)
Resolved incorrect scaling of Flash content on HiDPI macOS
systems (bug 1667267)
Fixes for various printing issues (bug 1667342, bug 1667510,
bug 1667723)
Fixed legacy preferences not being properly applied when set
via GPO (bug 1666836)
Fixed Picture-in-Picture controls being visible on audio-only
page elements (bug 1666775)
Fixed high memory growth with addons such as Disconnect installed,
causing browser responsiveness issues over time (bug 1658571)
Various stability improvements (bug 1661485, bug 1664542, bug
1664843)
Changelog:
September 22, 2020
Version 81.0, first offered to Release channel users on September 22, 2020
We'd like to extend a special thank you to all of the new Mozillians who
contributed to this release of Firefox.
New
* You can pause and play audio or video in Firefox right from your keyboard
or headset, giving you easy access to control your media when in another
Firefox tab, another program, or even when your computer is locked.
* In addition to our default, dark and light themes, with this release,
Firefox introduces the Alpenglow theme: a colorful appearance for buttons,
menus, and windows. You can update your Firefox themes under settings or
preferences.
* For our users in the US and Canada, Firefox can now save, manage, and
auto-fill credit card information for you, making shopping on Firefox ever
more convenient. To ensure the smoothest experience, this will be rolling
out to users gradually.
* Firefox supports AcroForm, which will soon allow you to fill in, print, and
save supported PDF forms and the PDF viewer also has a new fresh look.
* Our users in Austria, Belgium and Switzerland using the German version of
Firefox will now see Pocket recommendations in their new tab featuring some
of the best stories on the web. If you don’t see them, you can turn on
Pocket articles in your new tab by following these steps. In addition to
Firefox’s new tab, Pocket is also available as an app on iOS and Android.
Fixed
* Various security fixes.
* We’ve fixed a bug for users of language packs where the default language
was reset to English after Firefox updates.
* Browser native HTML5 audio/video controls received several important
accessibility fixes:
+ Audio/video controls remain accessible to screen readers even when they
are temporarily hidden visually.
+ Audio/video elapsed and total time are now accessible to screen readers
where they weren't previously.
+ Various unlabelled controls are now labelled making them identifiable
to screen readers.
+ Screen readers no longer intrusively report progress information unless
the user requests it.
Changed
* You will soon find Picture-in-Picture more easily on all the videos you
watch with new iconography.
* The bookmarks toolbar is now automatically revealed once bookmarks are
imported into Firefox, making it easier to find your most important
websites.
* We have expanded our supported file types - .xml, .svg, and .webp - so
files you’ve downloaded can be opened right in Firefox.
Security fixes:
#CVE-2020-15675: Use-After-Free in WebGL
#CVE-2020-15677: Download origin spoofing via redirect
#CVE-2020-15676: XSS when pasting attacker-controlled data into a
contenteditable element
#CVE-2020-15678: When recursing through layers while scrolling, an iterator may
have become invalid, resulting in a potential use-after-free scenario
#CVE-2020-15673: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3
corruption and we presume that with enough effort some of these could have been
exploited to run arbitrary code.
#CVE-2020-15674: Memory safety bugs fixed in Firefox 81
* Change WebRTC dependency to new graphics/libv4l.
Changelog:
Fixed
Fixed a performance regression when encountering new intermediate CA certificates (bug 1661543)
Fixed crashes possibly related to GPU resets (bug 1627616)
Fixed rendering on some sites using WebGL (bug 1659225)
Fixed the zoom-in keyboard shortcut on Japanese language builds (bug 1661895)
Fixed download issues related to extensions and cookies (bug 1655190)
Changelog:
New
Firefox can now be set as the default system PDF viewer.
The name reported by accessibility tools for items in multi-tiered
tree controls no longer incorrectly includes information from
items at deeper levels, providing users with the correct level
of content when using a screen reader.
Fixed
Various security fixes.
Several crashes while using a screen reader were fixed including
a frequently encountered crash when using the JAWS screen
reader.
Firefox Developer Tools received significant fixes allowing
screen reader users to benefit from some of the tools that were
previously inaccessible.
SVG title and desc elements (labels and descriptions) are now
correctly exposed to assistive technology products such as
screen readers.
Changed
For users with reduced motion settings, we've reduced a number
of animations such as tab loading to reduce motion for users
with migraines and epilepsy.
The new add-ons blocklist has been enabled to improve performance
and scalability.
Enterprise
A number of bug fixes and new policies have been implemented
in the latest version of Firefox. You can see more details in
the Firefox for Enterprise 80 Release Notes.
Today's release is the final scheduled for Firefox 68 ESR
(68.12) unless there is a critical security issue found prior
to the release of Firefox ESR 78.3 on September 22, 2020. Users
of Firefox 68 ESR will be automatically upgraded to the Firefox
78 ESR series with the release of 78.3.
Developer
We've shipped an experimental sidebar panel in the inspector
to Firefox Developer Edition that helps developers more quickly
identify potential browser compatibility problems based on MDN
data.
In the Network Monitor request list, a turtle icon is shown
for "slow" requests that exceed a threshold for the waiting
time.
Firefox now supports RTX and Transport-cc for improved call
quality in poor network conditions and better bandwidth
estimation. These features also provide better compatibility
with many websites using WebRTC.
Security fixes:
#CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege
#CVE-2020-15664: Attacker-induced prompt for extension installation
#CVE-2020-12401: Timing-attack on ECDSA signature generation
#CVE-2020-6829: P-384 and P-521 vulnerable to an electro-magnetic side channel attack on signature generation
#CVE-2020-12400: P-384 and P-521 vulnerable to a side channel attack on modular inversion
#CVE-2020-15665: Address bar not reset when choosing to stay on a page after the beforeunload dialog is shown
#CVE-2020-15666: MediaError message property leaks cross-origin response status
#CVE-2020-15667: Heap overflow when processing an update file
#CVE-2020-15668: Data Race when reading certificate information
#CVE-2020-15670: Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
