[RHSA-2017:3382] firefox security update
Severity
Important
Affected Packages
6
CVEs
1
Mozilla Firefox is an open source web browser.
This update upgrades Firefox to version 52.5.1 ESR.
Security Fix(es):
- A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared when exiting and would persist across multiple sessions. A malicious website could exploit the flaw to bypass private-browsing protections and uniquely fingerprint visitors. (CVE-2017-7843)
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Konark as the original reporter.
Package | Affected Version |
---|---|
pkg:rpm/redhat/firefox?arch=x86_64&distro=redhat-6.9 | < 52.5.1-1.el6_9 |
pkg:rpm/redhat/firefox?arch=s390x&distro=redhat-6.9 | < 52.5.1-1.el6_9 |
pkg:rpm/redhat/firefox?arch=s390&distro=redhat-6.9 | < 52.5.1-1.el6_9 |
pkg:rpm/redhat/firefox?arch=ppc64&distro=redhat-6.9 | < 52.5.1-1.el6_9 |
pkg:rpm/redhat/firefox?arch=ppc&distro=redhat-6.9 | < 52.5.1-1.el6_9 |
pkg:rpm/redhat/firefox?arch=i686&distro=redhat-6.9 | < 52.5.1-1.el6_9 |
- ID
- RHSA-2017:3382
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2017:3382
- Published
-
2017-12-05T00:00:00
(6 years ago) - Modified
-
2017-12-05T00:00:00
(6 years ago) - Rights
- Copyright 2017 Red Hat, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1518566 | https://bugzilla.redhat.com/1518566 | |
RHSA | RHSA-2017:3382 | https://access.redhat.com/errata/RHSA-2017:3382 | |
CVE | CVE-2017-7843 | https://access.redhat.com/security/cve/CVE-2017-7843 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/firefox?arch=x86_64&distro=redhat-6.9 | redhat | firefox | < 52.5.1-1.el6_9 | redhat-6.9 | x86_64 | |
Affected | pkg:rpm/redhat/firefox?arch=s390x&distro=redhat-6.9 | redhat | firefox | < 52.5.1-1.el6_9 | redhat-6.9 | s390x | |
Affected | pkg:rpm/redhat/firefox?arch=s390&distro=redhat-6.9 | redhat | firefox | < 52.5.1-1.el6_9 | redhat-6.9 | s390 | |
Affected | pkg:rpm/redhat/firefox?arch=ppc64&distro=redhat-6.9 | redhat | firefox | < 52.5.1-1.el6_9 | redhat-6.9 | ppc64 | |
Affected | pkg:rpm/redhat/firefox?arch=ppc&distro=redhat-6.9 | redhat | firefox | < 52.5.1-1.el6_9 | redhat-6.9 | ppc | |
Affected | pkg:rpm/redhat/firefox?arch=i686&distro=redhat-6.9 | redhat | firefox | < 52.5.1-1.el6_9 | redhat-6.9 | i686 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |