This update for MozillaFirefox to version 78.0.1 ESR fixes the following issues: Security issues fixed: - CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing . - CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster . - CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 . - CVE-2020-12418: Information disclosure due to manipulated URL object . - CVE-2020-12419: Use-after-free in nsGlobalWindowInner . - CVE-2020-12420: Use-After-Free when trying to connect to a STUN server . - CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack . - CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates . - CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer . - CVE-2020-12423: DLL Hijacking due to searching %PATH% for a library . - CVE-2020-12424: WebRTC permission prompt could have been bypassed by a compromised content process . - CVE-2020-12425: Out of bound read in Date.parse . - CVE-2020-12426: Memory safety bugs fixed in Firefox 78 . - FIPS: MozillaFirefox: allow /proc/sys/crypto/fips_enabled . Non-security issues fixed: - Fixed interaction with freetype6 .