We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

FF 24.2 Vs 26 Based on this URL http://www.mozilla.org/security/known-vulnerabilities/firefox.html are all the security that are applied to 26 applied to ESR?

  • 3 replies
  • 1 has this problem
  • 1 view
  • Last reply by vickardis

more options

Basically I've deployed FF 24.2 ESR to my network but a user enquired if it's as secure as version 26.

According to this page:

http://www.mozilla.org/security/known-vulnerabilities/firefox.html

There are several security patches, assuming ESR updates major version yearly and subversion every so often, do the sub-versions contain the latest browser security patches? is 24.2 equivalent to 26 in terms of security...

Thanks!

Basically I've deployed FF 24.2 ESR to my network but a user enquired if it's as secure as version 26. According to this page: http://www.mozilla.org/security/known-vulnerabilities/firefox.html There are several security patches, assuming ESR updates major version yearly and subversion every so often, do the sub-versions contain the latest browser security patches? is 24.2 equivalent to 26 in terms of security... Thanks!

Chosen solution

The primary purpose of ESR is for security updates. The 24.2.0 was released when 26.0 was. The 24.3.0esr will be released when 27.0 is released next Tuesday.

For each Major ESR release the second number will increase by one. If there is a chemspill update then the third number will increase by one for each chemspill update that could not wait for next major release. For example the last Release was 25.0.1 and the ESR was 24.1.1.

The next Release the ESR will be based on will be 31.0 (unless it changes).

Read this answer in context 👍 0

All Replies (3)

more options

hello, yes the 24.2 ESR release includes all the security fixes as the latest 26 release.

http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html

more options

Chosen Solution

The primary purpose of ESR is for security updates. The 24.2.0 was released when 26.0 was. The 24.3.0esr will be released when 27.0 is released next Tuesday.

For each Major ESR release the second number will increase by one. If there is a chemspill update then the third number will increase by one for each chemspill update that could not wait for next major release. For example the last Release was 25.0.1 and the ESR was 24.1.1.

The next Release the ESR will be based on will be 31.0 (unless it changes).

Modified by James

more options

Thanks guys, this is exactly what I wanted to see but I wanted to see it confirmed by the Mozilla folks.

Keep up the good work... now if only MSI for were availabe for SCCM purposes... :-//

Modified by vickardis