firefox-38.6.0-1.0.1.el7.AXS7

エラータID: AXSA:2016-046:01

Release date: 
Thursday, January 28, 2016 - 11:09
Subject: 
firefox-38.6.0-1.0.1.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

Security issues fixed with this release:

CVE-2016-1930
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-1935
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

CVEs: 
CVE-2016-1930
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-1935
Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.
Additional Info: 

N/A

Download: 

SRPMS
  1. firefox-38.6.0-1.0.1.el7.AXS7.src.rpm
    MD5: acee724c093f948548547e18fae6f451
    SHA-256: 866fa5b08c3d380aa31b647f9fdca03bf90895ce92b02d99a26bb943a76cf01e
    Size: 305.57 MB

Asianux Server 7 for x86_64
  1. firefox-38.6.0-1.0.1.el7.AXS7.x86_64.rpm
    MD5: 96a0f139cd899c92c3c8a166345d56c3
    SHA-256: 9fd204ec14dc3819ae6765f87e22887da8fdba8ecf12f4922f8b7d633ec6969c
    Size: 71.57 MB
  2. firefox-38.6.0-1.0.1.el7.AXS7.i686.rpm
    MD5: 344d4867672ef7d92be070bdce0de888
    SHA-256: e81bb80597cba78dd8c88682c9a24ea52dd0cf5b0c243c63b4c42810f767b32e
    Size: 71.77 MB