Opened 8 years ago
Closed 8 years ago
#7496 closed defect (fixed)
firefox-45.0
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | highest | Milestone: | 7.9 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
Dunno if this is too late for 7.9, but it contains the usual crop of security fixes listed at https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/
including the following marked as critical:
2016-37 Font vulnerabilities in the Graphite 2 library
2016-35 Buffer overflow during ASN.1 decoding in NSS (and nss-3.23 is out)
2016-27 Use-after-free during XML transformations
2016-25 Use-after-free when using multiple WebRTC data channels
2016-24 Use-after-free in SetBody
2016-23 Use-after-free in HTML5 string parser
2016-22 Service Worker Manager out-of-bounds read in Service Worker Manager
Change History (3)
comment:1 by , 8 years ago
comment:2 by , 8 years ago
| Milestone: | 7.10 → 7.9 |
|---|---|
| Owner: | changed from to |
| Status: | new → assigned |
I was not sure about when you would be cutting 7.9 in BLFS. I've now built it on the 7.8 system I'm running, will measure this on a faster 7.9 system.
If you can get this into svn in the next few hours, we can put it into 7.9. We will always run into the situation when a security fix comes in a day or a few hours after a release. If we miss this, then we can always post a message in errata.