Ubuntu Security Notice 4474-2 - USN-4474-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information between origins, or execute arbitrary code. It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. A data race was discovered when importing certificate information in to the trust store. An attacker could potentially exploit this to cause an unspecified impact. Various other issues were also addressed.
Support the originator by clicking the read the rest link below.
