On Monday, Mozilla uploaded to its FTP server the version of its browser that officially launched on Tuesday. This is the Firefox 70 which introduced, among other things, a visual change that is the one that attracts the most attention: the new icon (which, I have to mention, cannot be seen in the theme I use in Plasma, not yet). The list of new features that it introduced were not the most striking, but there is always a security section that sometimes mentions more important corrected vulnerabilities than others.
When fixed security bugs are unimportant, the information stays in the Mozilla news article. When there is something more serious, which usually coincides with major updates, Canonical publishes its own security report, the USN-4165-1 in this case. In total, the security report on this update includes 13 vulnerabilities, one of them marked as high priority.
Firefox 70 is now available in the official repositories
Among the thirteen security bugs fixed there are more and less serious, but the majority (11) are of medium priority. The remaining two are one of high priority and another of low priority. The most serious is the CVE-2018-6156 which describes a failure that «allowed a remote attacker potentially exploiting heap corruption via specially crafted video file" taking advantage "lan incomplete derivation of a packet length in WebRTC in Google Chrome older than 68.0.3440.75«.
The falls affect all Ubuntu versions in their official support cycle, which at the moment are Ubuntu 19.10 Eoan Ermine, Ubuntu 19.04 Disco Dingo, Ubuntu 18.04 Bionic Beaver and Ubuntu 16.04 Xenial Xerus. Firefox 70 is now also available in the official Ubuntu repositories, so protecting ourselves from all these failures and enjoying the new icon (if it appears in your distribution / theme ...) is as simple as opening the software center or the update app and install the new packages.