[3.5] firefox-esr: Multiple vulnerabilities (CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405, CVE-2017-5407, CVE-2017-5408, CVE-2017-5409, CVE....CVE-2017-5469)
CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
CVE-2017-5401: Memory Corruption when handling ErrorResult
CVE-2017-5402: Use-after-free working with events in FontFace
objects
CVE-2017-5404: Use-after-free working with ranges in selections
CVE-2017-5407: Pixel and history stealing via floating-point timing
side channel with SVG filters
CVE-2017-5410: Memory corruption during JavaScript garbage
collection incremental sweeping
CVE-2017-5409: File deletion via callback parameter in Mozilla
Windows Updater and Maintenance Service
CVE-2017-5408: Cross-origin reading of video captions in violation
of CORS
CVE-2017-5405: FTP response codes can cause use of uninitialized
values for ports
CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox
ESR 45.8
Fixed in:
Firefox ESR 45.8
Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/
CVE-2017-5429: Memory safety bugs
CVE-2017-5432: Use-after-free in text input selection
CVE-2017-5433: Use-after-free in SMIL animation functions
CVE-2017-5434: Use-after-free during focus handling
CVE-2017-5435: Use-after-free during transaction processing in the
editor
CVE-2017-5436: Out-of-bounds write with malicious font in Graphite
2
CVE-2017-5437: Vulnerabilities in Libevent library
CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT
processing
CVE-2017-5440: Use-after-free in txExecutionState destructor during
XSLT processing
CVE-2017-5441: Use-after-free with selection during scroll events
CVE-2017-5442: Use-after-free during style changes
CVE-2017-5443: Out-of-bounds write during BinHex decoding
CVE-2017-5444: Buffer overflow while parsing
application/http-index-format content
CVE-2017-5445: Uninitialized values used while parsing
application/http-index-format content
CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent
with incorrect data
CVE-2017-5447: Out-of-bounds read during glyph processing
CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
CVE-2017-5459: Buffer overflow in WebGL
CVE-2017-5460: Use-after-free in frame selection
CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
CVE-2017-5462: DRBG flaw in NSS
CVE-2017-5464: Memory corruption with accessibility and DOM
manipulation
CVE-2017-5465: Out-of-bounds read in ConvolvePixel
CVE-2017-5469: Potential Buffer overflow in flex-generated code
Fixed in:
Firefox ESR 45.9
Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/
(from redmine: issue id 7006, created on 2017-03-13, closed on 2017-06-29)
- Changesets:
- Revision 5d4b065b on 2017-06-16T07:15:55Z:
community/firefox-esr: security upgrade to 45.9.0. Fixes #7006
CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404,
CVE-2017-5405, CVE-2017-5407, CVE-2017-5408, CVE-2017-5409, CVE-2017-5410,
CVE-2017-5429, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435,
CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440,
CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445,
CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5459, CVE-2017-5460,
CVE-2017-5461, CVE-2017-5462, CVE-2017-5464, CVE-2017-5465, CVE-2017-5469