logo
 
  1. Server >
  2. Unix Server >
  3. USN-3260-1: Firefox vulnerabilities


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

USN-3260-1: Firefox vulnerabilities


Unix Server vom | Direktlink: ubuntu.com Nachrichten Bewertung

Ubuntu Security Notice USN-3260-1

21st April, 2017

firefox vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Firefox could be made to crash or run programs as your login if it opened a malicious website.

Software description

  • firefox - Mozilla Open Source web browser

Details

Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, obtain sensitive
information, spoof the addressbar contents or other UI elements, escape
the sandbox to read local files, conduct cross-site scripting (XSS)
attacks, cause a denial of service via application crash, or execute
arbitrary code. (CVE-2017-5429, CVE-2017-5430, CVE-2017-5432,
CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437,
CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442,
CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447,
CVE-2017-5448, CVE-2017-5449, CVE-2017-5451, CVE-2017-5453, CVE-2017-5454,
CVE-2017-5455, CVE-2017-5456, CVE-2017-5458, CVE-2017-5459, CVE-2017-5460,
CVE-2017-5461, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467,
CVE-2017-5468, CVE-2017-5469)

A flaw was discovered in the DRBG number generation in NSS. If an
attacker were able to perform a man-in-the-middle attack, this flaw
could potentially be exploited to view sensitive information.
(CVE-2017-5462)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.04:
firefox 53.0+build6-0ubuntu0.17.04.1
Ubuntu 16.10:
firefox 53.0+build6-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
firefox 53.0+build6-0ubuntu0.16.04.1
Ubuntu 14.04 LTS:
firefox 53.0+build6-0ubuntu0.14.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

CVE-2017-5429, CVE-2017-5430, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5449, CVE-2017-5451, CVE-2017-5453, CVE-2017-5454, CVE-2017-5455, CVE-2017-5456, CVE-2017-5458, CVE-2017-5459, CVE-2017-5460, CVE-2017-5461, CVE-2017-5462, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467, CVE-2017-5468, CVE-2017-5469

...

http://www.ubuntu.com/usn/usn-3260-1/

Externe Webseite mit kompletten Inhalt öffnen

Kommentiere zu USN-3260-1: Firefox vulnerabilities






➤ Ähnliche Beiträge

  • 1.

    [Testing Update] 2019-12-04 - Firefox 71, Brave, Plasma 5.17.4, Systemd

    vom 706.21 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Testing Update. 840×480Firefox 71 comes with new Kiosk mode and built-in MP3 decoding Some feature-updates: Firefox 71 got added to our repos Firefox-Dev starts in 72
  • 2.

    [Stable Update] 2019-10-14 - Pamac 9.0, LLVM9, Firefox, KDE Apps 19.08.2

    vom 674.27 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Stable Update. Mostly we have updates for our second release candidate of Manjaro 18.1.1. EEblKiqWsAAsjcw?format=jpg&name=large1220×882Pamac 9.0 with Snap
  • 3.

    [Testing Update] 2019-10-13 - Kernels, KDE Apps, Firefox, LLVM9, Pamac 9.0

    vom 674.27 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Testing Update. Mostly we have updates for our second release candidate of Manjaro 18.1.1. EEblKiqWsAAsjcw?format=jpg&name=large1220×882Pamac 9.0 with Snap
  • 4.

    [Stable Update] 2019-11-05 - Kernels, Plasma, Firefox, Toolchain

    vom 674.27 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Stable Update. EIXU5J4WkAIpOAw?format=jpg&name=small680×510 With this we have rebuilt most of our Kernels with extramodules and ship the latest packages of KDE
  • 5.

    [Testing Update] 2019-10-31 - KDE-Plasma, Kernels, Palemoon

    vom 670.72 Punkte ic_school_black_18dp
    @oberon wrote: Hello community, I am happy to announce another Testing Update. image.jpg612×598 72.3 KB With this we have rebuilt most of our kernels with extramodules and ship the latest packages of KDE-Plasma 5.17.2 If you like f
  • 6.

    [Testing Update] 2019-10-04 - Gnome-Keyring, Budgie, Firefox

    vom 347.78 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Testing Update. Mostly we have updates to Gnome-Keyring, Firefox and Budgie. repo-compare is one of our new web-services. Give us your feedback on that new service! Up
  • 7.

    [Testing Update] 2019-12-06 - Kernels, Mesa, Firefox, KDE-git

    vom 344.23 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Testing Update on my Wedding Day. Let's celebrate Phil's and Trang's wedding today Some feature-updates: Some fixes to Cinnamon Firefox-Dev has another beta in 72 series We updated most of our KDE-git packages Mesa update plus the latest Kernels the usua
  • 8.

    [Testing Update] 2019-09-28 - Realtime-Kernel, Mesa 19.2.0, Firefox-Dev, ZFS

    vom 340.68 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Testing Update. Mostly we have Mesa 19.2, updated Realtime-Kernel and the usual rebuilds. Mesa 19.2 series added Navi-Support. More details here Update news This update
  • 9.

    [Testing Update] 2019-10-27 - KDE-Git, Nvidia, Xorg-Server

    vom 340.68 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Testing Update. Mostly we have updates for Pacman 5.2 release. Tell us about the default layout we should use for Gnome Update news This update holds the following chan
  • 10.

    [Testing Update] 2019-11-12 - Nvidia, Plasma, Firefox-Dev

    vom 340.68 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Testing Update. 1280×720Checkout our latest Pinebook Pro Preview featuring the mainline kernel With this we have new Nvidia drivers, latest KDE Frameworks. Some feature
  • 11.

    [Testing Update] 2019-09-25 - Pamac, Brave, Gstreamer, Bluez

    vom 337.13 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Testing Update. Mostly we have Kernels, Gnome 3.34 and needed rebuilds with this one. EEblKiiWwAIX7q9?format=jpg&name=large1220×882Help us to debug pamac
  • 12.

    [Testing Update] 2019-11-11 - Kernels, KDE Frameworks, Nvidia, Brave

    vom 337.13 Punkte ic_school_black_18dp
    @philm wrote: Hello community, I am happy to announce another Testing Update. Checkout our latest server holding the latest KDE-git packages With this we have new Nvidia drivers, latest KDE Frameworks. Some feature-updates: KDE Frameworks are at 5.64.0 Bra