Lucene search

K
oraclelinuxOracleLinuxELSA-2017-1104
HistoryApr 20, 2017 - 12:00 a.m.

firefox security update

2017-04-2000:00:00
linux.oracle.com
39

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.604 Medium

EPSS

Percentile

97.5%

[52.1.0-2.0.1]

  • Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one
  • Force requirement of newer gdk-pixbuf2 to ensure a proper update (Todd Vierling) [orabug 19847484]
    [52.1.0-2]
  • Update to 52.1.0 ESR (Build3)
    [52.1.0-1]
  • Update to 52.1.0 ESR
    [52.0-5]
  • Added fix for mozbz#1348168/CVE-2017-5428
    [52.0-4]
  • Update to 52.0 ESR (b4)
    [52.0-3]
  • Added fix for rhbz#1423012 - ppc64 gfx crashes
    [52.0-2]
  • Enable system nss
    [52.0-1]
  • Update to 52.0ESR (B1)
  • Build RHEL7 package for Gtk3
    [52.0-0.13]
  • Added fix for rhbz#1414535
    [52.0-0.12]
  • Update to 52.0b8
    [52.0-0.11]
  • Readded addons patch
    [52.0-0.10]
  • Update to 52.0b3
    [52.0-0.9]
  • Update to 52.0b2
    [52.0-0.8]
  • Update to 52.0b1
    [52.0-0.5]
  • Firefox Aurora 52 testing build
    [45.5.0-1]
  • Update to 45.5.0 ESR
    [45.4.0-3]
  • Added upcoming upstream patches mozbz#1018486
    [45.4.0-2]
  • Added Laszlo Ersek patch for aarch64 crashes
    [45.4.0-1]
  • Update to 45.4.0 ESR
    [45.3.0-1]
  • Update to 45.3.0 ESR
    [45.2.0-3]
  • Added fix for mozbz#256180
    [45.2.0-2]
  • Added fix for mozbz#975832, rhbz#1343202
    [45.2.0-1]
  • Update to 45.2.0 ESR
    [45.1.1-2]
  • Added fix for mozbz#1270046 - new Samba auth response
    [45.1.1-1]
  • Update to 45.1.1 ESR
    [45.1.0-3]
  • Disabled ffmpeg (rhbz#1330898)
    [45.1.0-1]
  • Fixed some regressions introduced by rebase
    [45.1.0-1]
  • Update to 45.1.0 ESR
    [45.0.2-1]
  • Update to 45.0.2 ESR
    [45.0.1-1]
  • Update to 45.0.1 ESR
    [45.0-5]
  • Fixed crashed after start (rhbz#1323744, rhbz#1323738)
    [45.0-4]
  • Added system-level location for configuring Firefox (rhbz#1206239)
    [45.0-3]
  • Update to 45.0 ESR
    [38.5.0-3]
  • Update to 38.5.0 ESR
    [38.4.0-1]
  • Update to 38.4.0 ESR
    [38.3.0-2]
  • Update to 38.3.0 ESR
    [38.2.1-1]
  • Update to 38.2.1 ESR
    [38.2.0-4]
  • Update to 38.2.0 ESR
    [38.1.1-1]
  • Update to 38.1.1 ESR
    [38.1.0-1]
  • Update to 38.1.0 ESR
    [38.0.1-2]
  • Fixed rhbz#1222807 by removing preun section
    [38.0.1-1]
  • Update to 38.0.1 ESR
    [38.0-4]
  • Fixed rhbz#1221286 - After update to Firefox 38 ESR
    all RH preferences are gone
    [38.0-3]
  • Enabled system nss
  • Removed unused patches
  • Mon May 04 2015 Jan Horak - 38.0-2
  • Update to 38.0 ESR
    [38.0b8-0.11]
  • Update to 38.0 Beta 8
    [38.0b6-0.10]
  • Added patch for mozbz#1152515
    [38.0b6-0.9]
  • Update to 38.0 Beta 6
    [38.0b5-0.8]
  • Update to 38.0 Beta 5
    [38.0b3-0.7]
  • Update to 38.0 Beta 3
    [38.0b1-0.6]
  • Added patch for mozbz#1152391
    [38.0b1-0.5]
  • Fix build on AArch64 (based on upstream skia changes)
    [38.0b1-0.4]
  • Enabled debug build
    [38.0b1-1]
  • Update to 38.0b1
    [31.5.0-2]
  • Update to 31.5.0 ESR Build 2
    [31.4.0-1]
  • Update to 31.4.0 ESR
    [31.3.0-6]
  • Fixed Bug 1140385 - [HP HPS 7.1 bug] assertion
    ‘sys_page_size == 0’ when starting firefox
    [31.3.0-5]
  • Fixed problems with dictionary (mozbz#1097550)
  • JS JIT fixes for ppc64le
    [31.3.0-3]
  • Fixed geolocation key location
    [31.3.0-2]
  • Disable exact rooting for JS
    [31.3.0-1]
  • Update to 31.3.0 ESR Build 2
  • Fix for geolocation API (rhbz#1063739)
    [31.2.0-5]
  • Enabled gstreamer-1 support (rhbz#1161077)
    [31.2.0-4]
  • Fix webRTC for aarch64, ppc64le (rhbz#1148622)
    [31.2.0-3]
  • Update to 31.2.0 ESR
  • Fix for mozbz#1042889
    [31.1.0-7]
  • Enable WebM on all arches
    [31.1.0-6]
  • Enable all NPAPI plugins by default to keep compatibility
    with the FF24 line
    [31.1.0-5]
  • Added workaround for rhbz#1134876
    [31.1.0-3]
  • Disable mozilla::pkix (mozbz#1063315)
  • Enable image cache
    [31.1.0-2]
  • A workaround for rhbz#1110291
    [31.1.0-1]
  • Update to 31.1.0 ESR
    [31.0-3]
  • Built with system libvpx/WebM
    [31.0-2]
  • Built with system nss/nspr
    [31.0-1]
  • Update to 31.0 ESR
    [24.6.0-1]
  • Update to 24.6.0 ESR
    [24.5.0-2]
  • Removed unused patches
    [24.5.0-1]
  • Update to 24.5.0 ESR
    [24.4.0-3]
  • Added a workaround for Bug 1054242 - RHEVM: Extremely high memory
    usage in Firefox 24 ESR on RHEL 6.5
    [24.4.0-2]
  • fixed rhbz#1067343 - Broken languagepack configuration
    after firefox update
    [24.4.0-1]
  • Update to 24.4.0 ESR
    [24.3.0-3]
  • fixed rhbz#1054832 - Firefox does not support Camellia cipher
    [24.3.0-1]
  • Update to 24.3.0 ESR
    [24.2.0-3]
  • Mass rebuild 2014-01-24
    [24.2.0-2]
  • Mass rebuild 2013-12-27
    [24.2.0-1]
  • Update to 24.2.0 ESR
    [24.1.0-5]
  • Fixed mozbz#938730 - avoid mix of memory allocators (crashes)
    when using system sqlite
    [24.1.0-4]
  • Fixed rhbz#1034541 - No translation being picked up
    from langpacks for firefox
    [24.1.0-3]
  • Conflicts with old, xulrunner based firefox
    [24.1.0-2]
  • Ship dependentlibs.list (rhbz#1027782)
  • Nss/nspr dependency update
    [24.1.0-1]
  • Update to 24.1.0 ESR
    [24.0-2]
  • Build as stand alone browser, without xulrunner
    [24.0-1]
  • Update to 24.0 ESR
    [17.0.9-1]
  • Update to 17.0.9 ESR
    [17.0.8-2]
  • Desktop file update
  • Spec file tweaks
    [17.0.8-1]
  • Update to 17.0.8 ESR
    [17.0.7-2]
  • Updated manual page
    [17.0.7-1]
  • Update to 17.0.7 ESR
    [17.0.6-1]
  • Update to 17.0.6 ESR
    [17.0.5-3]
  • Removed mozilla prefix from desktop file (rhbz#826960)
    [17.0.5-2]
  • Updated XulRunner SDK check
    [17.0.5-1]
  • Update to 17.0.5 ESR
    [17.0.4-2]
  • Fixed rhbz#837606 - firefox has no x-scheme-handler/http mime
    [17.0.4-1]
  • Update to 17.0.4 ESR
  • Added fix for mozbz#239254 - [Linux] Support disk cache on a local path
    [17.0.2-3]
  • Added NM preferences
    [17.0.2-2]
  • Updated preferences (NFS, nspluginwrapper)
    [17.0.2-1]
  • Update to 17.0.2 ESR
    [17.0.1-1]
  • Update to 17.0.1 ESR
    [10.0.8-2]
  • Update to 10.0.8 ESR
    [10.0.7-1]
  • Update to 10.0.7 ESR
    [10.0.6-1]
  • Update to 10.0.6 ESR
    [10.0.5-4]
  • Enabled WebM
    [10.0.5-2]
  • Added fix for mozbz#703633, rhbz#818341
    [10.0.5-1]
  • Update to 10.0.5 ESR
    [10.0.4-1]
  • Update to 10.0.4 ESR
    [10.0.3-1]
  • Update to 10.0.3 ESR
    [10.0.1-1]
  • Update to 10.0.1 ESR
    [10.0-3]
  • Update to 10.0 ESR
    [10.0-1]
  • Update to 10.0
    [7.0-5]
  • Update to 7.0
    [7.0-4]
  • Update to 7.0 Beta 6
    [7.0-2]
  • Update to 7.0 Beta 4
    [5.0-1]
  • Update to 5.0
    [3.6.18-1]
  • Fixed #698313 - ‘background-repeat’ css property isn’t rendered well
  • Update to 3.6.18
    [3.6.17-1]
  • Update to 3.6.17
    [3.6.15-1]
  • Update to 3.6.15
    [3.6.14-4]
  • Update to build3
    [3.6.14-3]
  • Update to build2
    [3.6.14-2]
  • Update to 3.6.14

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.604 Medium

EPSS

Percentile

97.5%