Mozilla have released updates to Firefox browser and Firefox OS to address a bunch of vulnerabilities of which one categorized as critical, three as high, one as moderate and two as low.
Affected products are:
- Mozilla Firefox earlier than 39.0.3
- Mozilla Firefox ESR earlier than 38.1.1
- Mozilla Firefox OS 2.2
Links to the security advisories with details about addressed security issues:
MFSA 2015-78 Same origin violation and local file stealing via PDF reader
MFSA 2015-77 Upper bound check bypass due to signed compare in SharedBufferManagerParent::RecvAllocateGrallocBuffer
MFSA 2015-76 Wifi direct system messages don't require a permission
MFSA 2015-75 COPPA error screen in FxAccounts signup allows loading arbitrary web content into B2G root process
MFSA 2015-74 UMS (USB) mounting after reboot even without unlocking
MFSA 2015-73 Remote HTML tag injection in Gaia System app
MFSA 2015-72 Remote HTML tag injection in Gaia Search app
Fresh version can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Firefox OS updates itself. Instructions for manually check the updates can be found here.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment