Peaches Posted October 29, 2009 Report Share Posted October 29, 2009 28 October 2009, 10:48Mozilla fixes critical bugs with Firefox 3.5.4 and 3.0.15 Mozilla has closed six critical holes in Firefox 3.5 and five critical holes in Firefox 3.0 with the releases of Firefox 3.5.4 and 3.0.15. Three moderate and two low impact vulnerabilities were also fixed in 3.5.4 and 3.0.15. An update to the media libraries for ogg file playback fixes memory safety issues which were exposed with the implementation on the <video> support in Firefox 3.5. Buffer overflows in Firefox's string to number conversion and GIF colour map parsing have also been fixed. Recursive calls to web workers, a feature introduced in Firefox 3.5, were found to be capable of causing a crash and this has been fixed in 3.5.4. A Privilege escalation issue found in Firefox's Chrome library has been closed. The critical holes also include crashes with memory corruption. It is Mozilla policy to mark these as critical. According to the release notes, the update also adds the ability to resubmit crash reports and fixes a bug which forced reloading of SSL pages after clearing private data. The update is now available from the Mozilla site or through Firefox's auto-update facility.Heise security - http://www.h-online....-15-843475.html Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.