Changes between Initial Version and Version 1 of Ticket #6988
- Timestamp:
- 10/16/2015 12:52:54 AM (9 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #6988
- Property Owner changed from to
- Property Status new → assigned
- Property Summary firefox-41.0.1 → firefox-41.0.2
-
Ticket #6988 – Description
initial v1 1 [https://ftp.mozilla.org/pub/firefox/releases/41.0. 1/source/firefox-41.0.1.source.tar.xz]1 [https://ftp.mozilla.org/pub/firefox/releases/41.0.2/source/firefox-41.0.1.source.tar.xz] 2 2 3 [https://ftp.mozilla.org/pub/firefox/releases/41.0. 1/MD5SUMS]3 [https://ftp.mozilla.org/pub/firefox/releases/41.0.2/MD5SUMS] 4 4 5 d 53d863642b34b446ee7600bdad000a15 d71f0f761c51aeae03e367001afc9f8d 6 6 7 [https://ftp.mozilla.org/pub/firefox/releases/41.0.1/MD5SUMS.asc] 7 [https://ftp.mozilla.org/pub/firefox/releases/41.0.2/MD5SUMS.asc] 8 9 Now 41.0.2, fixes Mozilla Foundation Security Advisory 2015-115 10 11 "Security researcher Abdulrahman Alqabandi reported that the fetch() API did not correctly implement the Cross-Origin Resource Sharing (CORS) specification, allowing a malicious page to access private data from other origins. Mozilla developer Ben Kelly independently reported the same issue. CVE-2015-7184" 12 13 Following 41.0.1 items NOT changed. 14 In practice, that CVE is still marked as "reserved" 8 15 9 16 [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41.0.1]