MozillaFirefox was updated to version 45.4.0 ESR to fix the following
issues:
Security issues fixed: (bsc#999701 MFSA 2016-86):
- CVE-2016-5270: Heap-buffer-overflow in
nsCaseTransformTextRunFactory::TransformString
- CVE-2016-5272: Bad cast in nsImageGeometryMixin
- CVE-2016-5276: Heap-use-after-free in
mozilla::a11y::DocAccessible::ProcessInvalidationList
- CVE-2016-5274: use-after-free in nsFrameManager::CaptureFrameState
- CVE-2016-5277: Heap-use-after-free in nsRefreshDriver::Tick
- CVE-2016-5278: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame
- CVE-2016-5280: Use-after-free in
mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
- CVE-2016-5281: use-after-free in DOMSVGLength
- CVE-2016-5284: Add-on update site certificate pin expiration
- CVE-2016-5250: Resource Timing API is storing resources sent by the
previous page
- CVE-2016-5261: Integer overflow and memory corruption in WebSocketChannel
- CVE-2016-5257: Memory safety bugs fixed in Firefox 49 and Firefox ESR
45.4
Bug fixed:
- Fix for aarch64 Firefox startup crash (bsc#991344)