Friday, June 13, 2014

Mozilla Product Updates Released

Mozilla have released updates to Firefox browser and Thunderbird email client to address a bunch of vulnerabilities of which six categorized as critical and two as high.

Affected products are:
- Mozilla Firefox earlier than 30
- Mozilla Firefox ESR 24.x earlier than 24.6
- Mozilla Thunderbird earlier than 24.6

Links to the security advisories with details about addressed security issues:
MFSA 2014-55 Out of bounds write in NSPR
MFSA 2014-54 Buffer overflow in Gamepad API
MFSA 2014-53 Buffer overflow in Web Audio Speex resampler
MFSA 2014-52 Use-after-free with SMIL Animation Controller
MFSA 2014-51 Use-after-free in Event Listener Manager
MFSA 2014-50 Clickjacking through cursor invisability after Flash interaction
MFSA 2014-49 Use-after-free and out of bounds issues found using Address Sanitizer
MFSA 2014-48 Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)


Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird

No comments: