| Description: | This update to Firefox 17.0.9esr (bnc#840485) addresses: * MFSA 2013-91 User-defined properties on DOM proxiesget the wrong "this" object o (CVE-2013-1737) * MFSA 2013-90 Memory corruption involving scrolling ouse-after-free in mozilla::layout::ScrollbarActivity(CVE-2013-1735) o Memory corruption innsGfxScrollFrameInner::IsLTR() (CVE-2013-1736) * MFSA 2013-89 Buffer overflow with multi-column,lists, and floats o buffer overflow atnsFloatManager::GetFlowArea() with multicol, list, floats(CVE-2013-1732) * MFSA 2013-88 compartment mismatch re-attachingXBL-backed nodes o compartment mismatch innsXBLBinding::DoInitJSClass (CVE-2013-1730) * MFSA 2013-83 Mozilla Updater does not lock MAR fileafter signature verification o MAR signature bypass inUpdater could lead to downgrade (CVE-2013-1726) * MFSA 2013-82 Calling scope for new Javascript objectscan lead to memory corruption o ABORT: bad scope for newJSObjects: ReparentWrapper / document.open (CVE-2013-1725) * MFSA 2013-79 Use-after-free in Animation Managerduring stylesheet cloning o Heap-use-after-free innsAnimationManager::BuildAnimations (CVE-2013-1722) * MFSA 2013-76 Miscellaneous memory safety hazards(rv:24.0 / rv:17.0.9) o Memory safety bugs fixed in Firefox17.0.9 and Firefox 24.0 (CVE-2013-1718) * MFSA 2013-65 Buffer underflow when generating CRMFrequests o ASAN heap-buffer-overflow (read 1) incryptojs_interpret_key_gen_type (CVE-2013-1705) |