SUSE-SU-2017:0426-1 -- SLES MozillaFirefoxID: oval:org.secpod.oval:def:89044670 | Date: (C)2021-07-07 (M)2023-12-07 |
Class: PATCH | Family: unix |
MozillaFirefox 45 ESR was updated to 45.7 to fix the following issues : * MFSA 2017-02/CVE-2017-5378: Pointer and frame data leakage of Javascript objects * MFSA 2017-02/CVE-2017-5396: Use-after-free with Media Decoder * MFSA 2017-02/CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions * MFSA 2017-02/CVE-2017-5380: Potential use-after-free during DOM manipulations * MFSA 2017-02/CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer * MFSA 2017-02/CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 * MFSA 2017-02/CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP * MFSA 2017-02/CVE-2017-5376: Use-after-free in XSL * MFSA 2017-02/CVE-2017-5383: Location bar spoofing with unicode characters Please see https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/ for more information.
Platform: |
SUSE Linux Enterprise Server 11 SP4 |