Updated firefox packages fix security vulnerabilities
Publication date: 15 Dec 2016Modification date: 15 Dec 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-9893 , CVE-2016-9895 , CVE-2016-9897 , CVE-2016-9898 , CVE-2016-9899 , CVE-2016-9900 , CVE-2016-9901 , CVE-2016-9902 , CVE-2016-9904 , CVE-2016-9905
Description
Multiple flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or, potentially,
execute arbitrary code with the privileges of the user running Firefox
(CVE-2016-9893, CVE-2016-9899, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898,
CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9904, CVE-2016-9905).
References
- https://bugs.mageia.org/show_bug.cgi?id=19945
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/
- https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
- https://rhn.redhat.com/errata/RHSA-2016-2946.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
SRPMS
5/core
- firefox-45.6.0-1.mga5
- firefox-l10n-45.6.0-1.mga5