Results 1 to 10 of 105

Thread: Firefox updated...

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. 2014-04-30, 02:07 #17
    AplusWebMaster
    AplusWebMaster is offline
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Firefox 29.0 released ...

    FYI...

    Firefox 29.0 released

    From an admin. account, start Firefox, then >Help >About >Check for Updates ...
    -or-
    Download: https://www.mozilla.com/firefox/all.html

    Security Advisories for 29.0:
    - https://www.mozilla.org/security/kno...html#firefox29
    Fixed in Firefox 29
    MFSA 2014-47 Debugger can bypass XrayWrappers with JavaScript
    MFSA 2014-46 Use-after-free in nsHostResolve
    MFSA 2014-45 Incorrect IDNA domain name matching for wildcard certificates
    MFSA 2014-44 Use-after-free in imgLoader while resizing images
    MFSA 2014-43 Cross-site scripting (XSS) using history navigations
    MFSA 2014-42 Privilege escalation through Web Notification API
    MFSA 2014-41 Out-of-bounds write in Cairo
    MFSA 2014-40 Firefox for Android addressbar suppression
    MFSA 2014-39 Use-after-free in the Text Track Manager for HTML video
    MFSA 2014-38 Buffer overflow when using non-XBL object as XBL
    MFSA 2014-37 Out of bounds read while decoding JPG images
    MFSA 2014-36 Web Audio memory corruption issues
    MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service Installer
    MFSA 2014-34 Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)

    Release notes
    - https://www.mozilla.org/en-US/firefo.../releasenotes/
    Apr 29, 2014

    ... complete list of changes in this release... 3892 bugs found.
    ___

    - https://addons.mozilla.org/en-US/fir...evar/versions/
    April 27, 2014
    ___

    - http://www.securitytracker.com/id/1030163
    CVE Reference: CVE-2014-1518, CVE-2014-1519, CVE-2014-1520, CVE-2014-1522, CVE-2014-1523, CVE-2014-1524, CVE-2014-1525, CVE-2014-1526, CVE-2014-1527, CVE-2014-1528, CVE-2014-1529, CVE-2014-1530, CVE-2014-1531, CVE-2014-1532
    Apr 30 2014
    Impact: Denial of service via network, Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via local system, Execution of arbitrary code via network, Modification of user information, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 29.0 ...
    Solution: The vendor has issued a fix (29.0)...

    Last edited by AplusWebMaster; 2014-04-30 at 11:14.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules