Security update for MozillaFirefox (important)

2015-10-09T09:10:00
ID SUSE-SU-2015:1703-1
Type suse
Reporter Suse
Modified 2015-10-09T09:10:00

Description

Mozilla Firefox was updated to version 38.3.0 ESR (bsc#947003), fixing bugs and security issues.

  • MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
  • MFSA 2015-101/CVE-2015-4506 Buffer overflow in libvpx while parsing vp9 format video
  • MFSA 2015-105/CVE-2015-4511 Buffer overflow while decoding WebM video
  • MFSA 2015-106/CVE-2015-4509 Use-after-free while manipulating HTML media content
  • MFSA 2015-110/CVE-2015-4519 Dragging and dropping images exposes final URL after redirects
  • MFSA 2015-111/CVE-2015-4520 Errors in the handling of CORS preflight request headers
  • MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522 CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177 CVE-2015-7180 Vulnerabilities found through code inspection

More details can be found on <a rel="nofollow" href="https://www.mozilla.org/en-US/security/advisories/">https://www.mozilla.org/en-US/security/advisories/</a>