[3.4] firefox-esr: various vulnerabilities (CVE-2016-9893, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9904, CVE-2016-9905)
CVE-2016-9893: Memory safety bugs
CVE-2016-9895: CSP bypass using marquee tag
CVE-2016-9897: Memory corruption in libGLES
CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees
CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements
CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs
CVE-2016-9901: Data from Pocket server improperly sanitized before execution
CVE-2016-9902: Pocket extension does not validate the origin of events
CVE-2016-9904: Cross-origin information leak in shared atoms
CVE-2016-9905: Crash in EnumerateSubDocuments
Fixed in: Firefox ESR 45.6
Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/
(from redmine: issue id 6532, created on 2016-12-15, closed on 2016-12-27)
- Relations:
- parent #6530 (closed)
- Changesets:
- Revision 38ef2d23 by Sergei Lukin on 2016-12-27T06:18:52Z:
community/firefox-esr: security upgrade to 45.6.0 - fixes #6532
CVE-2016-9893: Memory safety bugs
CVE-2016-9895: CSP bypass using marquee tag
CVE-2016-9897: Memory corruption in libGLES
CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees
CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements
CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs
CVE-2016-9901: Data from Pocket server improperly sanitized before execution
CVE-2016-9902: Pocket extension does not validate the origin of events
CVE-2016-9904: Cross-origin information leak in shared atoms
CVE-2016-9905: Crash in EnumerateSubDocuments