Hi According to https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/#CVE-2017-5428 and http://www.securityfocus.com/bid/96959/info and various other sources Version 45.8 ESR is vulnerable to the security issue described in CVE2017-5428. The only fix is an update to 52.0.1 ESR.
According to https://www.heise.de/security/meldung/Mozilla-reagiert-zuegig-auf-Firefox-Exploit-des-Hacker-Wettbewerbs-Pwn2Own-3658562.html (sorry only German) Version 45.x ESR is not affected. (" Firefox ESR 45.x and the tor browser based on it are not affected by the vulnerability, according to Mozilla. The vulnerable createImageBitmap-API is not used in ESR version" ). Who is right? And will there be a fix within the 45.x ESR branch, as https://www.mozilla.org/en-US/firefox/organizations/faq/ states that the 45.x branch will be supported until release of 52.2 ESR. Mit freundlichen Grüßen / Kind regards Jürgen Schroth Senior Service Professional, RfS Projectmanagement, IXOS Client Support Bechtle Onsite Services GmbH Bechtle Platz 1 74172 Neckarsulm Telefon: +49 721 3714466 mobil: +49 151 52617344 E-Mail: [email protected]<mailto:[email protected]> Sitz Neckarsulm, Amtsgericht Stuttgart HRB 571713, Ust-Id.Nr.DE203362620, Geschäftsführer Jörg Öynhausen, Alexander Köhler
_______________________________________________ Enterprise mailing list [email protected] https://mail.mozilla.org/listinfo/enterprise To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise or send an email to [email protected] with a subject of "unsubscribe"
