LANDesk Patch News Bulletin: Mozilla has Released Firefox ESR 10.0.7 30-AUG-2012

Version 1

    LANDesk Security and Patch News

     

    Headlines

    • (August 29,2012) Mozilla  has released Firefox ESR 10.0.7. The following issues have been resolved in this release:

    ·         MFSA 2012-72 Web console eval capable of executing chrome-privileged code

    ·         MFSA 2012-71 Insecure use of __android_log_print

    ·         MFSA 2012-70 Location object security checks bypassed by chrome code

    ·         MFSA 2012-69 Incorrect site SSL certificate data display

    ·         MFSA 2012-68 DOMParser loads linked resources in extensions when parsing text/html

    ·         MFSA 2012-67 Installer will launch incorrect executable following new installation

    ·         MFSA 2012-66 HTTPMonitor extension allows for remote debugging without explicit activation

    ·         MFSA 2012-65 Out-of-bounds read in format-number in XSLT

    ·         MFSA 2012-64 Graphite 2 memory corruption

    ·         MFSA 2012-63 SVG buffer overflow and use-after-free issues

    ·         MFSA 2012-62 WebGL use-after-free and memory corruption

    ·         MFSA 2012-61 Memory corruption with bitmap format images with negative height

    ·         MFSA 2012-60 Escalation of privilege through about:newtab

    ·         MFSA 2012-58 Use-after-free issues found using Address Sanitizer

    ·         MFSA 2012-57 Miscellaneous memory safety hazards

     

           

    New Vulnerabilities

    • Vulnerability ID – FIREFOXESRv10.0.7_ENU

     

    Changed Vulnerabilities

    • Vulnerability ID – FIREFOXESRv10.0.6_ENU (Added the replacement information.)

     

     

    New Patch Downloads

    • firefox setup 10.0.7esr_enu.exe

     

    Where to Send Feedback

    At LANDesk, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

     

    Best regards,

    LANDesk Product Support

     

    Copyright © 2012 LANDesk Software.  All rights reserved. LANDesk is either a registered trademark or trademark of LANDesk Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

     

    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDesk disclaims any liability with respect to this document and LANDesk has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.landesk.com.