firefox-45.5.0-1.0.1.AXS4
エラータID: AXSA:2016-951:09
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.
Security issues fixed with this release:
CVE-2016-5290
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5291
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5296
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5297
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-9064
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-9066
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
Update packages.
Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user's connection to the update server and defeat the certificate pinning protection could provide a malicious signed add-on instead of a valid update. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50.
A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
N/A
SRPMS
- firefox-45.5.0-1.0.1.AXS4.src.rpm
MD5: 2df0cb95697c536c49489d6def342493
SHA-256: 4eaefcc58ef1842f5ad2f155649469a313495c7de71c317f4c2dda65e88137db
Size: 337.50 MB
Asianux Server 4 for x86
- firefox-45.5.0-1.0.1.AXS4.i686.rpm
MD5: 408f88b5080eab28acc865c1380b3d4b
SHA-256: 6b30b25607ad6b4ae07c820bece946299d607eff64a8c2c93a8f1cef96ab38eb
Size: 75.06 MB
Asianux Server 4 for x86_64
- firefox-45.5.0-1.0.1.AXS4.x86_64.rpm
MD5: f5593919304c7838c1d9c56444d3808c
SHA-256: 718d9a1bae8996b82082c9e56764d7ab6a44c152eb0d14c4695b643f99d9b177
Size: 74.24 MB - firefox-45.5.0-1.0.1.AXS4.i686.rpm
MD5: 408f88b5080eab28acc865c1380b3d4b
SHA-256: 6b30b25607ad6b4ae07c820bece946299d607eff64a8c2c93a8f1cef96ab38eb
Size: 75.06 MB
日本語