SUSE: 2015:2081-1 Important: Mozilla Firefox Security Fixes
suse
November 23, 2015
An update that fixes 43 vulnerabilities is now available
Summary
MozillaFirefox ESR was updated to version 38.4.0ESR to fix multiple security issues. * MFSA 2015-116/CVE-2015-4513 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4) * MFSA 2015-122/CVE-2015-7188 Trailing whitespace in IP address hostnames can bypass same-origin policy * MFSA 2015-123/CVE-2015-7189 Buffer overflow during image interactions in canvas * MFSA 2015-127/CVE-2015-7193 CORS preflight is bypassed when non-standard Content-Type headers are received * MFSA 2015-128/CVE-2015-7194 Memory corruption in libjar through zip files * MFSA 2015-130/CVE-2015-7196 JavaScript garbage collection crash with Java applet * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200 Vulnerabilities found through code inspection
References
#908275 #940806 #943557 #943558 #943608 #947003
#952810
Cross- CVE-2015-4473 CVE-2015-4474 CVE-2015-4475
CVE-2015-4478 CVE-2015-4479 CVE-2015-4484
CVE-2015-4485 CVE-2015-4486 CVE-2015-4487
CVE-2015-4488 CVE-2015-4489 CVE-2015-4491
CVE-2015-4492 CVE-2015-4497 CVE-2015-4498
CVE-2015-4500 CVE-2015-4501 CVE-2015-4506
CVE-2015-4509 CVE-2015-4511 CVE-2015-4513
CVE-2015-4517 CVE-2015-4519 CVE-2015-4520
CVE-2015-4521 CVE-2015-4522 CVE-2015-7174
CVE-2015-7175 CVE-2015-7176 CVE-2015-7177
CVE-2015-7180 CVE-2015-7181 CVE-2015-7182
CVE-2015-7183 CVE-2015-7188 CVE-2015-7189
CVE-2015-7193 CVE-2015-7194 CVE-2015-7196
CVE-2015-7197 CVE-2015-7198 CVE-2015-7199
CVE-2015-7200
Affected Products:
...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2015:2081-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!