LANDESK Patch News Bulletin: Mozilla has Released Firefox Version 45.0 for Windows 09-MAR-2016

Version 1

    LANDESK Security and Patch News


    Headlines

    ·         (March 9, 2016) Firefox version 45.0 has been released by Mozilla for Windows. Fixed in Firefox 45
    2016-37 Font vulnerabilities in the Graphite 2 library
    2016-36 Use-after-free during processing of DER encoded keys in NSS
    2016-35 Buffer overflow during ASN.1 decoding in NSS
    2016-34 Out-of-bounds read in HTML parser following a failed allocation
    2016-33 Use-after-free in GetStaticInstance in WebRTC
    2016-32 WebRTC and LibVPX vulnerabilities found through code inspection
    2016-31 Memory corruption with malicious NPAPI plugin
    2016-30 Buffer overflow in Brotli decompression
    2016-29 Same-origin policy violation using performance.getEntries and history navigation with session restore
    2016-28 Addressbar spoofing though history navigation and Location protocol property
    2016-27 Use-after-free during XML transformations
    2016-26 Memory corruption when modifying a file being read by FileReader
    2016-25 Use-after-free when using multiple WebRTC data channels
    2016-24 Use-after-free in SetBody
    2016-23 Use-after-free in HTML5 string parser
    2016-22 Service Worker Manager out-of-bounds read in Service Worker Manager
    2016-21 Displayed page address can be overridden
    2016-20 Memory leak in libstagefright when deleting an array during MP4 processing
    2016-19 Linux video memory DOS with Intel drivers
    2016-18 CSP reports fail to strip location information for embedded iframe pages
    2016-17 Local file overwriting and potential privilege escalation through CSP reports
    2016-16 Miscellaneous memory safety hazards Please visit the following page for more details:

    http://www.mozilla.org/security/known-vulnerabilities/firefox.html


    New Vulnerabilities

    ·           Vulnerability ID – FIREFOXv45.0_ENU


    Changed Vulnerabilities

    ·         Vulnerability ID – FIREFOXv44.0.2_ENU
    (Added the replacement information.)


    New Patch Downloads

    ·          Firefox_Setup_45.0_ENU.exe


    Where to Send Feedback

    At LANDESK, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

     

    Best regards,

    LANDESK Product Support

     

    Copyright © 2016 LANDESK Software.  All rights reserved. LANDESK is either a registered trademark or trademark of LANDESK Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

     

    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDESK disclaims any liability with respect to this document and LANDESK has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visithttp://www.LANDESK.com.