Updated firefox packages fix security vulnerabilities
Publication date: 15 Aug 2017Modification date: 14 Aug 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-7753 , CVE-2017-7779 , CVE-2017-7784 , CVE-2017-7785 , CVE-2017-7786 , CVE-2017-7787 , CVE-2017-7791 , CVE-2017-7792 , CVE-2017-7798 , CVE-2017-7800 , CVE-2017-7801 , CVE-2017-7802 , CVE-2017-7803 , CVE-2017-7807 , CVE-2017-7809
Description
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox (CVE-2017-7779, CVE-2017-7798, CVE-2017-7800, CVE-2017-7801, CVE-2017-7753, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787, CVE-2017-7792, CVE-2017-7802, CVE-2017-7807, CVE-2017-7809, CVE-2017-7791, CVE-2017-7803).
References
- https://bugs.mageia.org/show_bug.cgi?id=21476
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-19/
- https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
- https://access.redhat.com/errata/RHSA-2017:2456
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
SRPMS
6/core
- rootcerts-20170718.00-1.mga6
- nspr-4.16-1.mga6
- nss-3.28.5-1.1.mga6
- firefox-52.3.0-1.mga6
- firefox-l10n-52.3.0-1.mga6
5/core
- rootcerts-20170718.00-1.mga5
- nspr-4.16-1.mga5
- nss-3.28.5-1.1.mga5
- firefox-52.3.0-1.mga5
- firefox-l10n-52.3.0-1.mga5