firefox-45.4.0-1.0.1.AXS4

エラータID: AXSA:2016-683:08

Release date: 
Tuesday, September 27, 2016 - 15:22
Subject: 
firefox-45.4.0-1.0.1.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

Security issues fixed with this release:

CVE-2016-5250
Mozilla Firefox before 48.0 allows remote attackers to obtain
sensitive information about the previously retrieved page via Resource
Timing API calls.
CVE-2016-5257
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5261
Integer overflow in the WebSocketChannel class in the WebSockets
subsystem in Mozilla Firefox before 48.0 allows remote attackers to
execute arbitrary code or cause a denial of service (memory
corruption) via crafted packets that trigger incorrect buffer-resize
operations during buffering.
CVE-2016-5270
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5272
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5274
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5276
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5277
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5278
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5280
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5281
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5284
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

CVEs: 
CVE-2016-5250
Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.
CVE-2016-5257
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-5261
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
CVE-2016-5270
Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.
CVE-2016-5272
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.
CVE-2016-5274
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.
CVE-2016-5276
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.
CVE-2016-5277
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.
CVE-2016-5278
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image.
CVE-2016-5280
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirectional text.
CVE-2016-5281
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document.
CVE-2016-5284
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.
Additional Info: 

N/A

Download: 

SRPMS
  1. firefox-45.4.0-1.0.1.AXS4.src.rpm
    MD5: 6cd8e3083680d004c9d8f786ac2322db
    SHA-256: 3edddb6530df891a1ff40dc9f4e3eb62f9960630efe4c727ee5311f16e7be4f8
    Size: 337.83 MB

Asianux Server 4 for x86
  1. firefox-45.4.0-1.0.1.AXS4.i686.rpm
    MD5: f2bdb8f0cadf197e6a3161ff4e3a274d
    SHA-256: 9d3b3a596d980e45042f8f4e0541654b3b7d266c62780750592e224b1e550981
    Size: 75.03 MB

Asianux Server 4 for x86_64
  1. firefox-45.4.0-1.0.1.AXS4.x86_64.rpm
    MD5: f41e7f77bf7b983f07cb20c07f24a792
    SHA-256: a69eb724053c19e4d2cc6d86ed42976124180267b0fb96391881ca7c8065fea6
    Size: 74.22 MB
  2. firefox-45.4.0-1.0.1.AXS4.i686.rpm
    MD5: f2bdb8f0cadf197e6a3161ff4e3a274d
    SHA-256: 9d3b3a596d980e45042f8f4e0541654b3b7d266c62780750592e224b1e550981
    Size: 75.03 MB