| View previous topic :: View next topic |
| Author |
Message |
GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Wed Dec 30, 2015 4:26 pm Post subject: [ GLSA 201512-10 ] Mozilla Products |
 |
|
Gentoo Linux Security Advisory
Title: Mozilla Products: Multiple vulnerabilities (GLSA 201512-10)
Severity: normal
Exploitable: remote
Date: December 30, 2015
Updated: December 31, 2015
Bug(s): #545232, #554036, #556942, #564818, #567298, #568376
ID: 201512-10
Synopsis
Multiple vulnerabilities have been found in Mozilla Firefox and
Thunderbird, the worst of which may allow user-assisted execution of
arbitrary code.
Background
Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an
open-source email client, both from the Mozilla Project.
Affected Packages
Package: www-client/firefox
Vulnerable: < 38.5.0
Unaffected: >= 38.5.0
Architectures: All supported architectures
Package: www-client/firefox-bin
Vulnerable: < 38.5.0
Unaffected: >= 38.5.0
Architectures: All supported architectures
Package: mail-client/thunderbird
Vulnerable: < 38.5.0
Unaffected: >= 38.5.0
Architectures: All supported architectures
Package: mail-client/thunderbird-bin
Vulnerable: < 38.5.0
Unaffected: >= 38.5.0
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Mozilla Firefox and
Mozilla Thunderbird. Please review the CVE identifiers referenced below
for details.
Impact
A remote attacker could entice a user to view a specially crafted web
page or email, possibly resulting in execution of arbitrary code or a
Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Firefox users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-38.5.0"
|
All Firefox-bin users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-bin-38.5.0"
|
All Thunderbird users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=mail-client/thunderbird-38.5.0"
|
All Thunderbird-bin users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose
">=mail-client/thunderbird-bin-38.5.0"
|
References
CVE-2015-0798
CVE-2015-0799
CVE-2015-0801
CVE-2015-0802
CVE-2015-0803
CVE-2015-0804
CVE-2015-0805
CVE-2015-0806
CVE-2015-0807
CVE-2015-0808
CVE-2015-0810
CVE-2015-0811
CVE-2015-0812
CVE-2015-0813
CVE-2015-0814
CVE-2015-0815
CVE-2015-0816
CVE-2015-2706
CVE-2015-2721
CVE-2015-2722
CVE-2015-2724
CVE-2015-2725
CVE-2015-2726
CVE-2015-2727
CVE-2015-2728
CVE-2015-2729
CVE-2015-2730
CVE-2015-2731
CVE-2015-2733
CVE-2015-2734
CVE-2015-2735
CVE-2015-2736
CVE-2015-2737
CVE-2015-2738
CVE-2015-2739
CVE-2015-2740
CVE-2015-2741
CVE-2015-2742
CVE-2015-2743
CVE-2015-2808
CVE-2015-4000
CVE-2015-4153
CVE-2015-4495
CVE-2015-4513
CVE-2015-4514
CVE-2015-4515
CVE-2015-4518
CVE-2015-7181
CVE-2015-7182
CVE-2015-7183
CVE-2015-7187
CVE-2015-7188
CVE-2015-7189
CVE-2015-7191
CVE-2015-7192
CVE-2015-7193
CVE-2015-7194
CVE-2015-7195
CVE-2015-7196
CVE-2015-7197
CVE-2015-7198
CVE-2015-7199
CVE-2015-7200
CVE-2015-7201
CVE-2015-7202
CVE-2015-7203
CVE-2015-7204
CVE-2015-7205
CVE-2015-7207
CVE-2015-7208
CVE-2015-7210
CVE-2015-7211
CVE-2015-7212
CVE-2015-7213
CVE-2015-7214
CVE-2015-7215
CVE-2015-7216
CVE-2015-7217
CVE-2015-7218
CVE-2015-7219
CVE-2015-7220
CVE-2015-7221
CVE-2015-7222
CVE-2015-7223
Last edited by GLSA on Thu Dec 31, 2015 4:17 am; edited 1 time in total |
|
| Back to top |
|
 |
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
News & Announcements
