16 * added patch to fix unchecked return value |
22 * added patch to fix unchecked return value |
17 mozilla-check_return.patch |
23 mozilla-check_return.patch |
18 * Gtk3 builds not supported at the moment |
24 * Gtk3 builds not supported at the moment |
19 security fixes: |
25 security fixes: |
20 * MFSA 2016-39/CVE-2016-2804/CVE-2016-2806/CVE-2016-2807 |
26 * MFSA 2016-39/CVE-2016-2804/CVE-2016-2806/CVE-2016-2807 |
|
27 (boo#977373, boo#977375, boo#977376) |
21 Miscellaneous memory safety hazards |
28 Miscellaneous memory safety hazards |
22 * MFSA 2016-40/CVE-2016-2809 (bmo#1212939) |
29 * MFSA 2016-40/CVE-2016-2809 (bmo#1212939, boo#977377) |
23 Privilege escalation through file deletion by Maintenance Service updater |
30 Privilege escalation through file deletion by Maintenance Service updater |
24 (Windows only) |
31 (Windows only) |
25 * MFSA 2016-41/CVE-2016-2810 (bmo#1229681) |
32 * MFSA 2016-41/CVE-2016-2810 (bmo#1229681, boo#977378) |
26 Content provider permission bypass allows malicious application |
33 Content provider permission bypass allows malicious application |
27 to access data (Android only) |
34 to access data (Android only) |
28 * MFSA 2016-42/CVE-2016-2811/CVE-2016-2812 (bmo#1252330, bmo#1261776) |
35 * MFSA 2016-42/CVE-2016-2811/CVE-2016-2812 |
|
36 (bmo#1252330, bmo#1261776, boo#977379) |
29 Use-after-free and buffer overflow in Service Workers |
37 Use-after-free and buffer overflow in Service Workers |
30 * MFSA 2016-43/CVE-2016-2813 (bmo#1197901, bmo#2714650) |
38 * MFSA 2016-43/CVE-2016-2813 (bmo#1197901, bmo#2714650, boo#977380) |
31 Disclosure of user actions through JavaScript with motion and |
39 Disclosure of user actions through JavaScript with motion and |
32 orientation sensors (only affects mobile variants) |
40 orientation sensors (only affects mobile variants) |
33 * MFSA 2016-44/CVE-2016-2814 (bmo#1254721) |
41 * MFSA 2016-44/CVE-2016-2814 (bmo#1254721, boo#977381) |
34 Buffer overflow in libstagefright with CENC offsets |
42 Buffer overflow in libstagefright with CENC offsets |
35 * MFSA 2016-45/CVE-2016-2816 (bmo#1223743) |
43 * MFSA 2016-45/CVE-2016-2816 (bmo#1223743, boo#977382) |
36 CSP not applied to pages sent with multipart/x-mixed-replace |
44 CSP not applied to pages sent with multipart/x-mixed-replace |
37 * MFSA 2016-46/CVE-2016-2817 (bmo#1227462) |
45 * MFSA 2016-46/CVE-2016-2817 (bmo#1227462, boo#977384) |
38 Elevation of privilege with chrome.tabs.update API in web extensions |
46 Elevation of privilege with chrome.tabs.update API in web extensions |
39 * MFSA 2016-47/CVE-2016-2808 (bmo#1246061) |
47 * MFSA 2016-47/CVE-2016-2808 (bmo#1246061, boo#977386) |
40 Write to invalid HashMap entry through JavaScript.watch() |
48 Write to invalid HashMap entry through JavaScript.watch() |
41 * MFSA 2016-48/CVE-2016-2820 (bmo#870870) |
49 * MFSA 2016-48/CVE-2016-2820 (bmo#870870, boo#977388) |
42 Firefox Health Reports could accept events from untrusted domains |
50 Firefox Health Reports could accept events from untrusted domains |
43 |
51 |
44 ------------------------------------------------------------------- |
52 ------------------------------------------------------------------- |
45 Thu Apr 21 12:00:28 UTC 2016 - badshah400@gmail.com |
53 Thu Apr 21 12:00:28 UTC 2016 - badshah400@gmail.com |
46 |
54 |