Mozilla have released updates to Firefox browser and Thunderbird email client to address a bunch of vulnerabilities of which three categorized as critical, three as high and three as moderate.
Affected products are:
- Mozilla Firefox earlier than 34
- Mozilla Firefox ESR earlier than 31.3
- Mozilla Thunderbird earlier than 31.3
Links to the security advisories with details about addressed security issues:
MSFA-2014-91 Privileged access to security wrapped protected objects
MSFA-2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory
MSFA-2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer
MSFA-2014-88 Buffer overflow while parsing media content
MSFA-2014-87 Use-after-free during HTML5 parsing
MSFA-2014-86 CSP leaks redirect data via violation reports
MSFA-2014-85 XMLHttpRequest crashes with some input streams
MSFA-2014-84 XBL bindings accessible via improper CSS declarations
MSFA-2014-83 Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment