Updated firefox packages fix security vulnerabilities
Publication date: 19 Nov 2017Modification date: 19 Nov 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-7826 , CVE-2017-7828 , CVE-2017-7830
Description
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox (CVE-2017-7826, CVE-2017-7828, CVE-2017-7830).
References
- https://bugs.mageia.org/show_bug.cgi?id=22024
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/
- https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
- https://access.redhat.com/errata/RHSA-2017:3247
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7826
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7828
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7830
SRPMS
5/core
- rootcerts-20171025.00-1.mga5
- nss-3.28.6-1.1.mga5
- firefox-52.5.0-1.mga5
- firefox-l10n-52.5.0-1.mga5
6/core
- rootcerts-20171025.00-1.mga6
- nss-3.28.6-1.1.mga6
- firefox-52.5.0-1.mga6
- firefox-l10n-52.5.0-1.mga6