In case someone missed this (i did :(, story from a week ago), forks also should be updated by now meow-floppy

Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild.

The vulnerability, tracked as CVE-2024-9680 (CVSS score: 9.8), has been described as a use-after-free bug in the Animation timeline component.

The issue has been addressed in the following versions of the web browser -

Firefox 131.0.2
Firefox ESR 128.3.1, and
Firefox ESR 115.16.1.
  • EllenKelly [comrade/them]
    ·
    1 month ago

    This says 131.0.2 was out on october 9th, which is the day before the article you posted, hopefully we're all good

    https://www.mozilla.org/en-US/firefox/131.0.2/releasenotes/

    mine had already updated to 131.0.3

    • plinky [he/him]
      hexagon
      ·
      1 month ago

      Its mainly reminder for forks, like zen, librewolf etc. Or those who break autoupdate like me