Firefox 40.0

Firefox v.40.0 was offered to release channel users on August 11, 2015. [2]


Fixed in Firefox 40.0 [3]
2015-92 Use-after-free in XMLHttpRequest with shared workers
2015-91 Mozilla Content Security Policy allows for asterisk wildcards in violation of CSP specification
2015-90 Vulnerabilities found through code inspection
2015-89 Buffer overflows on Libvpx when decoding WebM video
2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images
2015-87 Crash when using shared memory in JavaScript
2015-86 Feed protocol with POST bypasses mixed content protections
2015-85 Out-of-bounds write with Updater and malicious MAR file
2015-84 Arbitrary file overwriting through Mozilla Maintenance Service with hard links
2015-83 Overflow issues in libstagefright
2015-82 Redefinition of non-configurable JavaScript object properties
2015-81 Use-after-free in MediaStream playback
2015-80 Out-of-bounds read with malformed MP3 file
2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)

* Support for Windows 10
* Added protection against unwanted software downloads

Vulnerability ratings: 4 Critical, 6 High, 2 Moderate, 1 Low
Evaluation: test and update when possible

Firefox v.40.0.2 was offered to release channel users on August 13, 2015. [4]

New: Enabled API allowing Windows 10 users to open settings dialog (1193196)
Fixed: mozalloc.lib was missing from the xulrunner package (1168291)
Fixed: Fix a startup crash with some combination of hardware and drivers (1160295)

[1] Firefox features [Mozilla]
[2] Mozilla Firefox 40.0 Release Notes (2015-Aug-11) [Mozilla]
[3] Security Advisories for Firefox [Mozilla]
[4] Mozilla Firefox 40.0.2 Release Notes (2015-Aug-13) [Mozilla]
This entry was posted in firefox, patch, security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.