Описание
ELSA-2015-1586: firefox security update (CRITICAL)
[38.2.0-4.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one
- Force requirement of newer gdk-pixbuf2 to ensure a proper update (Todd Vierling) [orabug 19847484]
[38.2.0-4]
- Update to 38.2.0 ESR
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
firefox
38.2.0-4.0.1.el5_11
Oracle Linux i386
firefox
38.2.0-4.0.1.el5_11
Oracle Linux 6
Oracle Linux x86_64
firefox
38.2.0-4.0.1.el6_7
Oracle Linux i686
firefox
38.2.0-4.0.1.el6_7
Oracle Linux 7
Oracle Linux x86_64
firefox
38.2.0-4.0.1.el7_1
Ссылки на источники
Связанные уязвимости
Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method.
Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method.