Security update for Mozilla Firefox (important)

ID OPENSUSE-SU-2016:2639-1
Type suse
Reporter Suse
Modified 2016-10-26T09:06:13


Mozilla Firefox was updated to 49.0.2 to fix two security issues a some bugs.

The following vulnerabilities were fixed:

  • CVE-2016-5287: Crash in nsTArray_base (bsc#1006475)
  • CVE-2016-5288: Web content can read cache entries (bsc#1006476)

The following changes and fixes are included:

  • Asynchronous rendering of the Flash plugins is now enabled by default
  • Change D3D9 default fallback preference to prevent graphical artifacts
  • Network issue prevents some users from seeing the Firefox UI on startup
  • Web compatibility issue with file uploads
  • Web compatibility issue with Array.prototype.values
  • Diagnostic information on timing for tab switching
  • Fix a Canvas filters graphics issue affecting HTML5 apps