This update for MozillaFirefox to ESR 52.4, mozilla-nss fixes the
following issues:
This security issue was fixed for mozilla-nss:
- CVE-2017-7805: Prevent use-after-free in TLS 1.2 when generating
handshake hashes (bsc#1061005)
These security issues were fixed for Firefox
- CVE-2017-7825: Fixed some Tibetan and Arabic unicode characters
rendering (bsc#1060445).
- CVE-2017-7805: Prevent Use-after-free in TLS 1.2 generating handshake
hashes (bsc#1060445).
- CVE-2017-7819: Prevent Use-after-free while resizing images in design
mode (bsc#1060445).
- CVE-2017-7818: Prevent Use-after-free during ARIA array manipulation
(bsc#1060445).
- CVE-2017-7793: Prevent Use-after-free with Fetch API (bsc#1060445).
- CVE-2017-7824: Prevent Buffer overflow when drawing and validating
elements with ANGLE (bsc#1060445).
- CVE-2017-7810: Fixed several memory safety bugs (bsc#1060445).
- CVE-2017-7823: CSP sandbox directive did not create a unique origin
(bsc#1060445).
- CVE-2017-7814: Blob and data URLs bypassed phishing and malware
protection warnings (bsc#1060445).