|
|
Subscribe / Log in / New account

Mageia alert MGASA-2016-0329 (firefox/rootcerts/nss)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2016-0329: Updated firefox/rootcerts/nss packages fix security vulnerability 


Date:
    	      Wed, 28 Sep 2016 07:59:59 +0200


Message-ID:
    	      <20160928055959.6F1489F793@duvel.mageia.org>


MGASA-2016-0329 - Updated firefox/rootcerts/nss packages fix security vulnerability

Publication date: 28 Sep 2016
URL: http://advisories.mageia.org/MGASA-2016-0329.html
Type: security
Affected Mageia releases: 5
CVE: CVE-2016-5250,
     CVE-2016-5257,
     CVE-2016-5261,
     CVE-2016-5270,
     CVE-2016-5272,
     CVE-2016-5274,
     CVE-2016-5276,
     CVE-2016-5277,
     CVE-2016-5278,
     CVE-2016-5280,
     CVE-2016-5281,
     CVE-2016-5284

Description:
Multiple flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox (CVE-2016-5257, CVE-2016-5278, CVE-2016-5270,
CVE-2016-5272, CVE-2016-5274, CVE-2016-5276, CVE-2016-5277, CVE-2016-5280,
CVE-2016-5281, CVE-2016-5284, CVE-2016-5250, CVE-2016-5261).

References:
- https://bugs.mageia.org/show_bug.cgi?id=19441
- https://www.mozilla.org/en-US/security/advisories/mfsa201...
- https://www.mozilla.org/en-US/security/known-vulnerabilit...
- https://rhn.redhat.com/errata/RHSA-2016-1912.html
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5250
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5261
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284

SRPMS:
- 5/core/rootcerts-20160826.00-1.mga5
- 5/core/nss-3.26.0-1.1.mga5
- 5/core/firefox-45.4.0-2.mga5
- 5/core/firefox-l10n-45.4.0-1.mga5
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds