CESA-2017:3382 -- centos 7 firefoxID: oval:org.secpod.oval:def:204721 | Date: (C)2017-12-08 (M)2022-10-10 |
Class: PATCH | Family: unix |
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.5.1 ESR. Security Fix: * A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared when exiting and would persist across multiple sessions. A malicious website could exploit the flaw to bypass private-browsing protections and uniquely fingerprint visitors. Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Konark as the original reporter.