LANDESK Patch News Bulletin: Firefox Version 39.0 is Available for Windows 03-JUL-2015

Version 1

    LANDESK Security and Patch News    



    ·     (July 3, 2015) Firefox version 39.0 has been released by Mozilla. The following items are fixed in Firefox 39:
    2015-71 NSS incorrectly permits skipping of ServerKeyExchange
    2015-70 NSS accepts export-length DHE keys with regular DHE cipher suites
    2015-69 Privilege escalation in PDF.js
    2015-68 OS X crash reports may contain entered key press information
    2015-67 Key pinning is ignored when overridable errors are encountered
    2015-66 Vulnerabilities found through code inspection
    2015-65 Use-after-free in workers while using XMLHttpRequest
    2015-64 ECDSA signature validation fails to handle some signatures correctly
    2015-63 Use-after-free in Content Policy due to microtask execution error
    2015-62 Out-of-bound read while computing an oscillator rendering range in Web Audio
    2015-61 Type confusion in Indexed Database Manager
    2015-60 Local files or privileged URLs in pages can be opened into new tabs
    2015-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1)
    Please visit the following page for more details:  


    New Vulnerabilities    

      ·       Vulnerability ID – FIREFOXv39.0_ENU 


    Changed Vulnerabilities    

    ·       Vulnerability ID – FIREFOXv38.0.6_ENU
    (Added the replacement information.) 


    New Patch Downloads    

      ·               Firefox_Setup_39.0_ENU.exe 


    Where to Send Feedback          

    At LANDESK, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.   


    Best regards, 

    LANDESK Product Support 


    Copyright © 2015 LANDESK Software.  All rights reserved. LANDESK is either a registered trademark or trademark of LANDESK Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.   


    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDESK disclaims any liability with respect to this document and LANDESK has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit