Die Funktionalität dieser Website ist durch Wartungsarbeiten eingeschränkt, die Ihr Erlebnis verbessern sollen. Wenn ein Artikel Ihr Problem nicht löst und Sie eine Frage stellen möchten, können Sie unsere Gemeinschaft über @FirefoxSupport auf Twitter, /r/firefox oder Reddit fragen.

Avatar for Username

Hilfe durchsuchen

Vorsicht vor Support-Betrug: Wir fordern Sie niemals auf, eine Telefonnummer anzurufen, eine SMS an eine Telefonnummer zu senden oder persönliche Daten preiszugeben. Bitte melden Sie verdächtige Aktivitäten über die Funktion „Missbrauch melden“.

Weitere Informationen

Firefox 128.1.0esr and 128.2.0esr security vulnerabilities

  • 2 Antworten
  • 0 haben dieses Problem
  • Letzte Antwort von James

23kikes2
23kikes2
more options

Tenable is reporting 128.1 and 128.2 as affected by vulnerabilities covered in CVEs' in their plugin 205009 ( https://www.tenable.com/plugins/nessus/205009 ). The rule they are applying is: Mozilla Firefox < 129 That implies that 128.1 and 128.2 are also < then 129 -> therefor vulnerable. Can you please answer 2 questions:

  • are Firefox 128.1 and 128.2 part of the same branch of product as 129? Or are they necessarily ESR?
  • are Firefox 128.1 and 128.2 affected by CVEs' covered in their TENABLE plugin 205009?
Tenable is reporting 128.1 and 128.2 as affected by vulnerabilities covered in CVEs' in their plugin 205009 ( https://www.tenable.com/plugins/nessus/205009 ). The rule they are applying is: Mozilla Firefox < 129 That implies that 128.1 and 128.2 are also < then 129 -> therefor vulnerable. Can you please answer 2 questions: * are Firefox 128.1 and 128.2 part of the same branch of product as 129? Or are they necessarily ESR? * are Firefox 128.1 and 128.2 affected by CVEs' covered in their TENABLE plugin 205009?

Alle Antworten (2)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

The Firefox ESR branch receives security updates, so exposed vulnerabilities get fixed via minor updates.

See:

Security Vulnerabilities fixed in Firefox ESR 128.1 — Mozilla

Security Vulnerabilities fixed in Firefox ESR 128.2 — Mozilla

Geändert am von cor-el

Hilfreich?

James
James
  • Top 25 Contributor
  • Moderator
more options

23kikes2 said
Tenable is reporting 128.1 and 128.2 as affected by vulnerabilities covered in CVEs' in their plugin 205009 ( https://www.tenable.com/plugins/nessus/205009 ). The rule they are applying is: Mozilla Firefox < 129 That implies that 128.1 and 128.2 are also < then 129 -> therefor vulnerable. Can you please answer 2 questions:
  • are Firefox 128.1 and 128.2 part of the same branch of product as 129? Or are they necessarily ESR?

There is no mention of Firefox 128.1.0 esr and 128.2.0 esr on that page though.

Fx 129.0 and Fx 128.1.0esr was released August 6, 2024 while the current Fx 128.2.0esr was released September 3, 2024 so it has security fixes that the older 129.0 and 128.1.0esr does not have. The Fx 128.2.0esr and Fx 130.0.1 are the current Releases. https://www.mozilla.org/firefox/releases/

ESR is short for Extended Support Releases as it only gets security and stability fixes and no new features so as to have longer term stability that Enterprise users need. Firefox 128 ESR is based on the Firefox 128.0 Release but gets longer term security/stability updates, say up to 128.15.0esr.

Hilfreich?

Stellen Sie eine Frage

Sie müssen sich mit Ihrem Benutzerkonto anmelden, um auf Beiträge zu antworten. Bitte stellen Sie eine neue Frage, wenn Sie noch kein Benutzerkonto haben.