The Firefox 67 update, published on May 21, broke many web apps. The new Universal 2nd Factor API, now enabled by default, reserves a global variable called
u2f. Updated Vaadin versions are now available.
To fix the issue, the
u2f variable needs to be blacklisted and applications need to be re-compiled. The easiest way to do this is to update to the latest maintenance releases pushed out already today. Unaffected versions are 8.8.2 upwards and 7.7.19 upwards (covered by our extended support). GWT itself is not yet fixed, but we managed to figure out a workaround for the issue. See the GitHub issue for more details or contact our support in case you need to patch your GWT or older Vaadin 6 application.