There was a problem with compiling some of the software in the Fennec F-Droid build chain from source. That's why it's taking F-Droid a while to ship an update;
In the meantime you can get more recent versions of mobile FF-based browsers by adding the DivestOS repo to your F-Droid client. But it requires uninstalling, then installing from that repo.
F-Droid Forum
Fennec vulnerability? Recommended to uninstall
Feel free to immediately close this topic. I just want the F-Droid team to see this after they had to deal with all those entitled people in Fennec...
