Security update for MozillaFirefox
MozillaFirefox is updated to version 50.0.2 which fixes the following issues:
* Firefox crashed with 3rd party Chinese IME when using IME text (fixed in
version 50.0.1)
* Redirection from an HTTP connection to a data: URL could inherit wrong origin
after an HTTP redirect
(fixed in version 50.0.1, bmo#1317641, MFSA 2016-91, boo#1012807, CVE-2016-9078)
* Maliciously crafted SVG animations could cause remote code execution
(fixed in version 50.0.2, bmo#1321066, MFSA 2016-92, boo##1012964, CVE-2016-9079)
-
Submitted by
Wolfgang Rosenauer (wrosenauer)
Fixed bugs
bnc#1012807
VUL-0: CVE-2016-9078: MozillaFirefox: data: URL can inherit wrong origin after an HTTP redirect
bnc#1012964
VUL-0: CVE-2016-9079: MozillaFirefox,MozillaThunderbird: SVG Animation Remote Code Execution (MFSA 2016-92)
