Mozilla Firefox is being updated to the current Firefox 38ESR branch . Security issues fixed: - MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file stealing via PDF reader - MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety hazards - MFSA 2015-80 / CVE-2015-4475: Out-of-bounds read with malformed MP3 file - MFSA 2015-82 / CVE-2015-4478: Redefinition of non-configurable JavaScript object properties - MFSA 2015-83 / CVE-2015-4479: Overflow issues in libstagefright - MFSA 2015-87 / CVE-2015-4484: Crash when using shared memory in JavaScript - MFSA 2015-88 / CVE-2015-4491: Heap overflow in gdk-pixbuf when scaling bitmap images - MFSA 2015-89 / CVE-2015-4485/CVE-2015-4486: Buffer overflows on Libvpx when decoding WebM video - MFSA 2015-90 / CVE-2015-4487/CVE-2015-4488/CVE-2015-4489: Vulnerabilities found through code inspection - MFSA 2015-92 / CVE-2015-4492: Use-after-free in XMLHttpRequest with shared workers This update also contains a lot of feature improvements and bug fixes from 31ESR to 38ESR. Also the Mozilla NSS library switched its CKBI API from 1.98 to 2.4, which is what Firefox 38ESR uses.