Will Firefox ESR v48.x for OSX 10.8 and below be patched for Apple's chip vulnerability?
I recently upgraded my older MacBook to 10.7.5 and was happy to hear that Firefox ESR v48.x would work as a modern browser. Two days later the Spectre/Meltdown vulnerability was released. I understand that support has ended for ESR v48.x but would like to know if Mozilla has any plans to release a security patch to protect our older Mac's?
被采纳的解决方案
There was no 48 ESR; there was 45 ESR then 52 ESR.
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
Firefox 52 ESR does not support SharedArrayBuffer and is less at risk; the performance.now() mitigations will be included in the regularly scheduled Firefox 52.6 ESR release on January 23, 2018.
定位到答案原位置 👍 1所有回复 (3)
Hello, this will not be patched as Firefox 48 ESR is no longer supported. If this answered your question, mark as solution.
选择的解决方案
There was no 48 ESR; there was 45 ESR then 52 ESR.
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
Firefox 52 ESR does not support SharedArrayBuffer and is less at risk; the performance.now() mitigations will be included in the regularly scheduled Firefox 52.6 ESR release on January 23, 2018.
Thank you. Evidently I was confusing ESR versions with Firefox versions. The version I am using is Firefox ESR version 45.8.
Seems there will be no more security updates so I will finally have to migrate away from Firefox. Version 45.9 ESR is the last supported under OSX 10.7.5.