[RHSA-2017:3382] firefox security update
Severity
Important
Affected Packages
6
CVEs
1
Mozilla Firefox is an open source web browser.
This update upgrades Firefox to version 52.5.1 ESR.
Security Fix(es):
- A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared when exiting and would persist across multiple sessions. A malicious website could exploit the flaw to bypass private-browsing protections and uniquely fingerprint visitors. (CVE-2017-7843)
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Konark as the original reporter.
| Package | Affected Version |
|---|---|
 pkg:rpm/redhat/firefox?arch=x86_64&distro=redhat-6.9
|
< 52.5.1-1.el6_9 |
|
pkg:rpm/redhat/firefox?arch=s390x&distro=redhat-6.9
|
< 52.5.1-1.el6_9 |
|
pkg:rpm/redhat/firefox?arch=s390&distro=redhat-6.9
|
< 52.5.1-1.el6_9 |
|
pkg:rpm/redhat/firefox?arch=ppc64&distro=redhat-6.9
|
< 52.5.1-1.el6_9 |
|
pkg:rpm/redhat/firefox?arch=ppc&distro=redhat-6.9
|
< 52.5.1-1.el6_9 |
|
pkg:rpm/redhat/firefox?arch=i686&distro=redhat-6.9
|
< 52.5.1-1.el6_9 |
- ID
- RHSA-2017:3382
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2017:3382
- Published
-
2017-12-05T00:00:00
(6 years ago) - Modified
-
2017-12-05T00:00:00
(6 years ago) - Rights
- Copyright 2017 Red Hat, Inc.
- Other Advisories
ALPINE:CVE-2017-7843
DSA-4062-1
ELSA-2017-3382
FREEBSD:B7E23050-2D5D-4E61-9B48-62E89DB222CA
GLSA-201802-03
MFSA-2017-27| Source | # ID | Name | URL |
|---|---|---|---|
| Bugzilla | 1518566 |
|
|
| RHSA | RHSA-2017:3382 |
|
|
| CVE | CVE-2017-7843 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/redhat/firefox?arch=x86_64&distro=redhat-6.9 | redhat |
firefox
|
< 52.5.1-1.el6_9 | redhat-6.9 | x86_64 | |
| Affected | pkg:rpm/redhat/firefox?arch=s390x&distro=redhat-6.9 | redhat |
firefox
|
< 52.5.1-1.el6_9 | redhat-6.9 | s390x | |
| Affected | pkg:rpm/redhat/firefox?arch=s390&distro=redhat-6.9 | redhat |
firefox
|
< 52.5.1-1.el6_9 | redhat-6.9 | s390 | |
| Affected | pkg:rpm/redhat/firefox?arch=ppc64&distro=redhat-6.9 | redhat |
firefox
|
< 52.5.1-1.el6_9 | redhat-6.9 | ppc64 | |
| Affected | pkg:rpm/redhat/firefox?arch=ppc&distro=redhat-6.9 | redhat |
firefox
|
< 52.5.1-1.el6_9 | redhat-6.9 | ppc | |
| Affected | pkg:rpm/redhat/firefox?arch=i686&distro=redhat-6.9 | redhat |
firefox
|
< 52.5.1-1.el6_9 | redhat-6.9 | i686 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |