[월:] 2017년 02월

USN-3175-2: Firefox regression Ubuntu Security Notice USN-3175-2 6th February, 2017 firefox regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-3175-1 introduced a regression in Firefox. Software description firefox – Mozilla Open Source web browser Details USN-3175-1 fixed vulnerabilities in Firefox. The update caused aregression on systems where the AppArmor profile for Firefox is set toenforce mode. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. (CVE-2017-5373, CVE-2017-5374) JIT code allocation can allow a bypass of ASLR protections in some circumstances. If [ more… ]