LANDESK Patch News Bulletin: Mozilla has Released Firefox Version 38.0 for Windows 13-MAY-2015

Version 1

    LANDESK Security and Patch News     

     

    Headlines

    ·     (May 13, 2015) Mozilla has released Firefox version 38.0. The following issues are fixed in Firefox 38 :
    2015-58 Mozilla Windows updater can be run outside of application directory
    2015-57 Privilege escalation through IPC channel messages
    2015-56 Untrusted site hosting trusted page can intercept webchannel responses
    2015-55 Buffer overflow and out-of-bounds read while parsing MP4 video metadata
    2015-54 Buffer overflow when parsing compressed XML
    2015-53 Use-after-free due to Media Decoder Thread creation during shutdown
    2015-52 Sensitive URL encoded information written to Android logcat
    2015-51 Use-after-free during text processing with vertical text enabled
    2015-50 Out-of-bounds read and write in asm.js validation
    2015-49 Referrer policy ignored when links opened by middle-click and context menu
    2015-48 Buffer overflow with SVG content and CSS
    2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer
    2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
    Please visit the following page for more details:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html  
      

     

    New Vulnerabilities     

      ·       Vulnerability ID – FIREFOXv38.0_ENU  

     

    Changed Vulnerabilities     

    ·       Vulnerability ID – FIREFOXv37.0.2_ENU
    (Added the replacement information.) 
      

     

    New Patch Downloads     

    ·         Firefox_Setup_38.0_ENU.exe  

     

    Where to Send Feedback           

    At LANDESK, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.    

      

    Best regards,  

    LANDESK Product Support  

      

    Copyright © 2015 LANDESK Software.  All rights reserved. LANDESK is either a registered trademark or trademark of LANDESK Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.    

      

    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDESK disclaims any liability with respect to this document and LANDESK has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.LANDESK.com