URL: http://ftp.mozilla.org/pub/firefox/releases/38.2.1esr/contrib/ Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.
A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-4497) A flaw was found in the way Firefox handled installation of add-ons. An attacker could use this flaw to bypass the add-on installation prompt, and trick the user into installing an add-on from a malicious source. (CVE-2015-4498) All Firefox users should upgrade to Firefox version 38.2.1 ESR or greater, whichcorrects these issues. After installing the update, Firefox must be restartedfor the changes to take effect. _______________________________________________ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
