Project

General

Profile

Bug #7425

[3.6] firefox-esr: Multiple vulnerabilities (CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7750, CVE-2017-7751, CVE-2017-7752, CVE-2017-7754, CVE-2017-7756, CVE-2017-7757, CVE-2017-7758, CVE-2017-7764, CVE-2017-7778)

Added by Alicha CH almost 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Start date:
06/15/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

CVE-2017-5470: Memory safety bugs
CVE-2017-5472: Use-after-free using destroyed node when regenerating trees
CVE-2017-7749: Use-after-free during docshell reloading
CVE-2017-7750: Use-after-free with track elements
CVE-2017-7751: Use-after-free with content viewer listeners
CVE-2017-7752: Use-after-free with IME input
CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object
CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors
CVE-2017-7757: Use-after-free in IndexedDB
CVE-2017-7758: Out-of-bounds read in Opus encoder
CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks
CVE-2017-7778: Vulnerabilities in the Graphite 2 library

Fixed in:

Firefox ESR 52.2

Reference:

https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/

Associated revisions

Revision c6c27a81 (diff)
Added by Natanael Copa almost 2 years ago

community/firefox-esr: security upgrade to 52.2.0

fixes #7425

History

#1 Updated by Natanael Copa almost 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH almost 2 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF