Update firefox to 74.0
Summary:
Security:
- CVE-2020-6805: Use-after-free when removing data about origins
- CVE-2020-6806: BodyStream::OnInputStreamReady was missing protections against state confusion
- CVE-2020-6807: Use-after-free in cubeb during stream destruction
- CVE-2020-6808: URL Spoofing via javascript: URL
- CVE-2020-6809: Web Extensions with the all-urls permission could access local files
- CVE-2020-6810: Focusing a popup while in fullscreen could have obscured the fullscreen notification
- CVE-2020-6811: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection
- CVE-2019-20503: Out of bounds reads in sctp_load_addresses_from_init
- CVE-2020-6812: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission
- CVE-2020-6813: @import statements in CSS could bypass the Content Security Policy nonce feature
- CVE-2020-6814: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6
- CVE-2020-6815: Memory and script safety bugs fixed in Firefox 74
Release notes available here
Signed-off-by: Pierre-Yves <pyu@riseup.net>
Test Plan: Browsed a few websies
Reviewers: Triage Team
Subscribers: JoshStrobl
Differential Revision: https://dev.getsol.us/D8469