CVE-2016-5290 in Ubuntu

CVE-2016-5290

Priority

Description

Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some
of these bugs showed evidence of memory corruption and we presume that with
enough effort that some of these could be exploited to run arbitrary code.
This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and
Firefox < 50.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290
https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/
https://usn.ubuntu.com/usn/usn-3124-1
https://usn.ubuntu.com/usn/usn-3141-1

Assigned-to

chrisccoulson

Notes

Package

Source: firefox (LP Ubuntu Debian)

Upstream:	released (50.0)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was released [50.0+build2-0ubuntu0.14.04.2])
Ubuntu 16.04 LTS (Xenial Xerus):	released (50.0+build2-0ubuntu0.16.04.2)

Package

Source: thunderbird (LP Ubuntu Debian)

Upstream:	released (45.5.0)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was released [1:45.5.1+build1-0ubuntu0.14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):	released (1:45.5.1+build1-0ubuntu0.16.04.1)

More Information

Updated: 2019-12-05 18:45:40 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)