Bug 7513 - [UPDATE REQUEST] nss, firefox, firefox-l10n 49.0.2 → 50.0
: [UPDATE REQUEST] nss, firefox, firefox-l10n 49.0.2 → 50.0
Status: VERIFIED FIXED
Product: Desktop Bugs
Classification: ROSA Desktop
Component: Main Packages
: Fresh
: All Linux
: Normal normal
: ---
Assigned To: ROSA Linux Bugs
: ROSA Linux Bugs
https://advisories.mageia.org/MGASA-2...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-11-17 12:09 MSK by Алзим
Modified: 2016-11-22 14:49 MSK (History)
4 users (show)

See Also:
RPM Package:
ISO-related:
Bad POT generating:
Upstream:
vladimir.potapov: qa_verified+
andrey.bondrov: published+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Алзим 2016-11-17 12:09:07 MSK
New Version 50.0
https://www.mozilla.org/en-US/firefox/50.0/releasenotes/
Comment 2 Vladimir Potapov 2016-11-17 14:19:42 MSK
The update is sent to expanded testing
*************************************
Comment 3 Denis Silakov 2016-11-17 20:02:53 MSK
*** Bug 7419 has been marked as a duplicate of this bug. ***
Comment 4 Zombie Ryushu 2016-11-18 01:14:34 MSK
Multiple flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox (CVE-2016-5296, CVE-2016-5297, CVE-2016-9066,
CVE-2016-5291, CVE-2016-5290).

A flaw was found in the way Add-on update process was handled by Firefox.
A Man-in-the-Middle attacker could use this flaw to install a malicious
signed add-on update (CVE-2016-9064).

An existing mitigation of timing side-channel attacks in NSS before 3.26.1
is insufficient in some circumstances (CVE-2016-9074).
Comment 5 Vladimir Potapov 2016-11-21 22:12:30 MSK
nss-3.27.1-1
https://abf.io/build_lists/2754248
https://abf.io/build_lists/2754249

firefox-50.0-2
https://abf.io/build_lists/2754263
https://abf.io/build_lists/2754264

firefox-l10n-50.0-2
https://abf.io/build_lists/2754289
https://abf.io/build_lists/2754290
********************** Advisory *****************************
New Version 50.0. Fix crashes and many secure fixes
*************************************************************
QA Verified