Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
patchinfo.3044
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.3044
<patchinfo incident="3044"> <issue id="990856" tracker="bnc">VUL-1: CVE-2016-6354: flex,flex-old: buffer overflow in generated code (yy_get_next_buffer)</issue> <issue id="991809" tracker="bnc">VUL-0: MozillaFirefox: multiple vulnerabilities fixed in 48.0/45.3</issue> <issue id="990628" tracker="bnc">L3: Firefox 45.2.0esr crashes frequently</issue> <issue id="989196" tracker="bnc">MozillaFirefox 45.2.0esr exhibits stalls in rendering web pages in tabs</issue> <issue id="2016-2835" tracker="cve" /> <issue id="2016-5258" tracker="cve" /> <issue id="2016-2837" tracker="cve" /> <issue id="2016-2836" tracker="cve" /> <issue id="2016-6354" tracker="cve" /> <issue id="2016-2830" tracker="cve" /> <issue id="2016-5259" tracker="cve" /> <issue id="2016-5254" tracker="cve" /> <issue id="2016-5252" tracker="cve" /> <issue id="2016-2839" tracker="cve" /> <issue id="2016-2838" tracker="cve" /> <issue id="2016-5263" tracker="cve" /> <issue id="2016-5262" tracker="cve" /> <issue id="2016-5265" tracker="cve" /> <issue id="2016-5264" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>pcerny</packager> <description> MozillaFirefox was updated to 45.3.0 ESR to fix the following issues (bsc#991809): * MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards (rv:48.0 / rv:45.3) * MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed * MFSA 2016-64/CVE-2016-2838 Buffer overflow rendering SVG with bidirectional content * MFSA 2016-65/CVE-2016-2839 Cairo rendering crash due to memory allocation issue with FFmpeg 0.10 * MFSA 2016-67/CVE-2016-5252 Stack underflow during 2D graphics rendering * MFSA 2016-70/CVE-2016-5254 Use-after-free when using alt key and toplevel menus * MFSA 2016-72/CVE-2016-5258 Use-after-free in DTLS during WebRTC session shutdown * MFSA 2016-73/CVE-2016-5259 Use-after-free in service workers with nested sync events * MFSA 2016-76/CVE-2016-5262 Scripts on marquee tag can execute in sandboxed iframes * MFSA 2016-77/CVE-2016-2837 Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback * MFSA 2016-78/CVE-2016-5263 Type confusion in display transformation * MFSA 2016-79/CVE-2016-5264 Use-after-free when applying SVG effects * MFSA 2016-80/CVE-2016-5265 Same-origin policy violation using local HTML file and saved shortcut file * CVE-2016-6354: Fix for possible buffer overrun (bsc#990856) Also a temporary workaround was added: - Temporarily bind Firefox to the first CPU as a hotfix for an apparent race condition (bsc#989196, bsc#990628) </description> <summary>Security update for MozillaFirefox</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor