Updated firefox/rootcerts/nss packages fix security vulnerability
Publication date: 28 Sep 2016Modification date: 28 Sep 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-5250 , CVE-2016-5257 , CVE-2016-5261 , CVE-2016-5270 , CVE-2016-5272 , CVE-2016-5274 , CVE-2016-5276 , CVE-2016-5277 , CVE-2016-5278 , CVE-2016-5280 , CVE-2016-5281 , CVE-2016-5284
Description
Multiple flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox (CVE-2016-5257, CVE-2016-5278, CVE-2016-5270,
CVE-2016-5272, CVE-2016-5274, CVE-2016-5276, CVE-2016-5277, CVE-2016-5280,
CVE-2016-5281, CVE-2016-5284, CVE-2016-5250, CVE-2016-5261).
References
- https://bugs.mageia.org/show_bug.cgi?id=19441
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
- https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
- https://rhn.redhat.com/errata/RHSA-2016-1912.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5250
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5261
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284
SRPMS
5/core
- rootcerts-20160826.00-1.mga5
- nss-3.26.0-1.1.mga5
- firefox-45.4.0-2.mga5
- firefox-l10n-45.4.0-1.mga5