By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious extension being installed.
How what? It was a problem in the Windows implementation of Firefox.
GNU/Linux is not Microsoft Windows, and doesn’t even have anything in common with said platform. GNU/Linux is a UNIX-family operating system, while Microsoft Windows is a weird concoction, with a VMS-like kernel underneath a graphical user interface that itself still carries lots of legacy with it from MS-DOS and CP/M.
Mozilla: Attacker-induced prompt for extension installation (CVE-2020-15664)
in their security advisory. That doesn’t rule out the possibility that they included it because it was in the upstream changelog (or something), but still.
I dont understand you.
Manjaro is a curated rolling release … packages are tested before shipping to stable.
Security biggies are often fast tracked.
Firefox 81 is in all branches except Stable … it was released in Arch less than 4 days ago … with 81.0-2 being released less than 24 hours ago.
Chill out … it will be in stable very soon.
If you cant possibly wait and you want the freshest all the time … just use Unstable Branch.
Confusion? What a crock. Sh*t happens when the clueless blindly click on whatever the affirmation button is (yes, accept, continue, etc.) to whatever dialog suddenly appears.
the other thread said the problem was for windows only and then the thread was closed and i was told to read the cve so i did and it looks like the cve was valid for linux too. so i am asking about the problem here again, because someone closed the thread, maybe they don’t like to ask people about problems? I do not know why. i don’t know if i misunderstand something in the mozilla page. other thread also say that security updates released soon, but this is one that wasn’t so that I am asking why again.
You probably write so badly in your mother language that the translator fails. Please, take more time for writing your posts so people get a chance to understand what you mean. Otherwise don’t post anything, because you create confusion and are annoying. https://wiki.manjaro.org/index.php?title=Forum_Rules#No_Power-Posting.2FEmpty_Posts