LANDESK Patch News Bulletin: Mozilla has Released Firefox Version 43.0 for Windows 16-DEC-2015

Version 1

    LANDESK Security and Patch News


    Headlines

    ·           (December 16, 2015) Mozilla has released Firefox version 43.0 for Windows. The following issues are fixed in Firefox 43:
    2015-149 Cross-site reading attack through data and view-source URIs
    2015-148 Privilege escalation vulnerabilities in WebExtension APIs
    2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright
    2015-146 Integer overflow in MP4 playback in 64-bit versions
    2015-145 Underflow through code inspection
    2015-144 Buffer overflows found through code inspection
    2015-143 Linux file chooser crashes on malformed images due to flaws in Jasper library
    2015-142 DOS due to malformed frames in HTTP/2
    2015-141 Hash in data URI is incorrectly parsed
    2015-140 Cross-origin information leak through web workers error events
    2015-139 Integer overflow allocating extremely large textures
    2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed
    2015-137 Firefox allows for control characters to be set in cookies
    2015-136 Same-origin policy violation using perfomance.getEntries and history navigation
    2015-135 Crash with JavaScript variable assignment with unboxed objects
    2015-134 Miscellaneous memory safety hazards
    Please visit the following page for more details: http://www.mozilla.org/security/known-vulnerabilities/firefox.html


    New Vulnerabilities

    ·           Vulnerability ID – FIREFOXv43.0_ENU


    Changed Vulnerabilities

    ·           Vulnerability ID – FIREFOXv42.0_ENU
      (Added the replacement information.)


    New Patch Downloads

    ·          Firefox_Setup_43.0_ENU.exe


    Where to Send Feedback

    At LANDESK, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

     

    Best regards,

    LANDESK Product Support

     

    Copyright © 2015 LANDESK Software.  All rights reserved. LANDESK is either a registered trademark or trademark of LANDESK Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

     

    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDESK disclaims any liability with respect to this document and LANDESK has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.LANDESK.com.