Explore top 10 tips to secure your open-source projects now. Read More
×
This update provides compatible packages for Firefox 40.
Software Description:
- ubufox: Ubuntu modifications for Firefox
Details:
USN-2702-1 fixed vulnerabilities in Firefox. This update provides the
corresponding updates for Ubufox.
Original advisory details:
Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley,
Chris Coulson, and Eric Rahm discovered multiple memory safety issues in
Firefox. If a user were tricked in to opening a specially crafted website,
an attacker could potentially exploit these to cause a denial of service
via application crash, or execute arbitrary code with the privileges of
the user invoking Firefox. (CVE-2015-4473, CVE-2015-4474)
Aki Helin discovered an out-of-bounds read when playing malformed MP3
content in some circumstances. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this to
obtain sensitive information, cause a denial of service via...
The problem can be corrected by updating your system to the following package versions: Ubuntu 15.04: xul-ext-ubufox 3.1-0ubuntu0.15.04.1 Ubuntu 14.04 LTS: xul-ext-ubufox 3.1-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: xul-ext-ubufox 3.1-0ubuntu0.12.04.1 After a standard system update you need to restart Firefox to make all the necessary changes.
https://ubuntu.com/security/notices/USN-2702-2
https://ubuntu.com/security/notices/USN-2702-1
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1483858
Get the latest Linux and open source security news straight to your inbox.