Ubuntu update for Firefox

ID: IRCAD2015074000
Release Date: 2015-07-16
Ubuntu 12.04 LTS
This update provides the corresponding update for Ubuntu 12.04 LTS. Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property. Looben Yan discovered 2 use-after-free issues when using XMLHttpRequest in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
Apply updated packages.
Ubuntu 15.04:
Ubuntu 14.10:
Ubuntu 14.04 LTS:
Ubuntu 12.04 LTS:

The Wall

No comments
You need to sign in to comment