openSUSE Security Update : MozillaFirefox (openSUSE-2015-565)
Critical Nessus Plugin ID 85834
SynopsisThe remote openSUSE host is missing a security update.
DescriptionMozillaFirefox was updated to version 40.0.3 to fix two security issues and several bugs.
Changes in MozillaFirefox :
- update to Firefox 40.0.3 (bnc#943550)
- Disable the asynchronous plugin initialization (bmo#1198590)
- Fix a segmentation fault in the GStreamer support (bmo#1145230)
- Fix a regression with some Japanese fonts used in the <input> field (bmo#1194055)
- On some sites, the selection in a select combox box using the mouse could be broken (bmo#1194733) security fixes
- MFSA 2015-94/CVE-2015-4497 (bmo#1164766, bmo#1175278, bsc#943557) Use-after-free when resizing canvas element during restyling
- MFSA 2015-95/CVE-2015-4498 (bmo#1042699, bsc#943558) Add-on notification bypass through data URLs
SolutionUpdate the affected MozillaFirefox packages.