[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
GNU IceCat 45 beta now available in Guix
|
From: |
Mark H Weaver |
|
Subject: |
GNU IceCat 45 beta now available in Guix |
|
Date: |
Wed, 12 Oct 2016 01:42:26 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) |
Hello Guix,
I'm pleased to announce the availability of GNU IceCat 45.3.0-gnu1-beta
with selected fixes cherry-picked from upstream, including all security
fixes introduced in Firefox ESR 45.4.0, specifically:
CVE-2016-5250 - Resource Timing API is storing resources sent by
the previous page
CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
CVE-2016-5261 - Integer overflow and memory corruption in WebSocketChannel
CVE-2016-5270 - Heap-buffer-overflow in
nsCaseTransformTextRunFactory::TransformString
CVE-2016-5272 - Bad cast in nsImageGeometryMixin
CVE-2016-5274 - use-after-free in nsFrameManager::CaptureFrameState
CVE-2016-5276 - Heap-use-after-free in
mozilla::a11y::DocAccessible::ProcessInvalidationList
CVE-2016-5277 - Heap-use-after-free in nsRefreshDriver::Tick
CVE-2016-5278 - Heap-buffer-overflow in nsBMPEncoder::AddImageFrame
CVE-2016-5280 - Use-after-free in
mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
CVE-2016-5281 - use-after-free in DOMSVGLength
CVE-2016-5284 - Add-on update site certificate pin expiration
Mark
- GNU IceCat 45 beta now available in Guix,
Mark H Weaver <=