LANDESK Patch News Bulletin: Mozilla has Released Firefox 41.0 for Windows 23-SEP-2015

Version 1

    LANDESK Security and Patch News


    Headlines

    ·         (September 23, 2015) Mozilla has released Firefoxv 41.0 for Windows. Fixed in Firefox 41.0:
    2015-114 Information disclosure via the High Resolution Time API
    2015-113 Memory safety errors in libGLES in the ANGLE graphics library
    2015-112 Vulnerabilities found through code inspection
    2015-111 Errors in the handling of CORS preflight request headers
    2015-110 Dragging and dropping images exposes final URL after redirects
    2015-109 JavaScript immutable property enforcement can be bypassed
    2015-108 Scripted proxies can access inner window
    2015-107 Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems
    2015-106 Use-after-free while manipulating HTML media content
    2015-105 Buffer overflow while decoding WebM video
    2015-104 Use-after-free with shared workers and IndexedDB
    2015-103 URL spoofing in reader mode
    2015-102 Crash when using debugger with SavedStacks in JavaScript
    2015-101 Buffer overflow in libvpx while parsing vp9 format video
    2015-100 Arbitrary file manipulation by local user through Mozilla updater
    2015-99 Site attribute spoofing on Android by pasting URL with unknown scheme
    2015-98 Out of bounds read in QCMS library with ICC V4 profile attributes
    2015-97 Memory leak in mozTCPSocket to servers
    2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
    Please visit the following page for more details: http://www.mozilla.org/security/known-vulnerabilities/firefox.html


    New Vulnerabilities

    ·           Vulnerability ID – FIREFOXv41.0_ENU


    Changed Vulnerabilities

    ·           Vulnerability ID – FIREFOXv40.0.3_ENU
    (Added the replacement information.)


    New Patch Downloads

    ·          Firefox_Setup_41.0_ENU.exe


    Where to Send Feedback

    At LANDESK, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

     

    Best regards,

    LANDESK Product Support

     

    Copyright © 2015 LANDESK Software.  All rights reserved. LANDESK is either a registered trademark or trademark of LANDESK Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

     

    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDESK disclaims any liability with respect to this document and LANDESK has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.LANDESK.com.