Interim release of Firefox 67.0.2, which fixes (CVE-2019-11702) that is specific to the Windows platform and allows a local file to be opened in Internet Explorer by manipulating links that specify the "IE.HTTP:" protocol.
In addition to the vulnerability, the new release also fixes several non-security issues:
- output in the console of the JavaScript error "TypeError: data is null in PrivacyFilter.jsm", which could adversely affect the reliability and performance of session recovery;
- Resolved with the output of a pop-up authentication dialog for connecting through a proxy;
- Solved the problem of logging into the Pearson MyCloud service when using FIDO U2F;
- Improved launch of the browser in safe mode, which on Linux and macOS since Firefox 67 failed because the browser the profile is too new for the current version of Firefox;
- Eliminated installing and using additional language packs through the configuration interface in versions of Firefox provided by Linux distributions;
- Fixed in developer tools , which did not allow copying links and HTML tag code from the inspection window;
- Fixed , leading to the inability to set your own start page when you set the option to clear data before shutting down in the settings;
- Resolved with performance when executing web applications based on the Eclipse RAP framework;
- crash on startup in macOS 10.15 environment;
- launching two parallel downloads via the "a" tag with the "download" attribute.
Source: opennet.ru