File _patchinfo of Package patchinfo.3232
<patchinfo incident="3232"> <issue id="991344" tracker="bnc">Rpi3: Firefox crashes after a few seconds of usage</issue> <issue id="999701" tracker="bnc">VUL-0: MozillaFirefox 49 / 45.4 security release "MFSA 2016-85" and "MFSA 2016-86"</issue> <issue id="2016-5272" tracker="cve" /> <issue id="2016-5276" tracker="cve" /> <issue id="2016-5284" tracker="cve" /> <issue id="2016-5278" tracker="cve" /> <issue id="2016-5280" tracker="cve" /> <issue id="2016-5281" tracker="cve" /> <issue id="2016-5257" tracker="cve" /> <issue id="2016-5270" tracker="cve" /> <issue id="2016-5261" tracker="cve" /> <issue id="2016-5274" tracker="cve" /> <issue id="2016-5277" tracker="cve" /> <issue id="2016-5250" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>pcerny</packager> <description> MozillaFirefox was updated to version 45.4.0 ESR to fix the following issues: Security issues fixed: (bsc#999701 MFSA 2016-86): * CVE-2016-5270: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString * CVE-2016-5272: Bad cast in nsImageGeometryMixin * CVE-2016-5276: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList * CVE-2016-5274: use-after-free in nsFrameManager::CaptureFrameState * CVE-2016-5277: Heap-use-after-free in nsRefreshDriver::Tick * CVE-2016-5278: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame * CVE-2016-5280: Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap * CVE-2016-5281: use-after-free in DOMSVGLength * CVE-2016-5284: Add-on update site certificate pin expiration * CVE-2016-5250: Resource Timing API is storing resources sent by the previous page * CVE-2016-5261: Integer overflow and memory corruption in WebSocketChannel * CVE-2016-5257: Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4 Bug fixed: - Fix for aarch64 Firefox startup crash (bsc#991344) </description> <summary>Security update for MozillaFirefox</summary> </patchinfo>
