Mozilla has fixed three vulnerabilities with the update to Firefox 65.0.1 and the ESR variant 60.5.1, which are rated by the developers with a high risk and with which it is possible for attackers under certain conditions to execute malicious code.
The security leaks are due, among other things, to a bug in the Skia Graphics Engine that could cause attackers to memory errors. On the other hand, only Firefox 65 has a serious gap, previous versions do not solve the problem. More information is provided by Mozilla on a help page.
The update closes corresponding gaps in the current Tor Browser 8.0.6, which is based on the ESR version of Firefox. In addition, the developers have added to this HTTPS Everywhere version 2019.1.31.