Friday, September 5, 2014

Mozilla Product Updates Released

Mozilla have released updates to Firefox browser and Thunderbird email client to address a bunch of vulnerabilities of which three categorized as critical, two as high and one as moderate.

Affected products are:
- Mozilla Firefox earlier than 32
- Mozilla Firefox ESR earlier than 24.8 and 31.1
- Mozilla Thunderbird earlier than 31.1
- Mozilla Thunderbird earlier than 24.8

Links to the security advisories with details about addressed security issues:
MFSA 2014-72 Use-after-free setting text directionality
MFSA 2014-71 Profile directory file access through file: protocol
MFSA 2014-70 Out-of-bounds read in Web Audio audio timeline
MFSA 2014-69 Uninitialized memory use during GIF rendering
MFSA 2014-68 Use-after-free during DOM interactions with SVG
MFSA 2014-67 Miscellaneous memory safety hazards (rv:32.0 / rv:31.1 / rv:24.8)


Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird

No comments: