Mozilla Foundation Security Advisory 2016-61

Network Security Services (NSS) vulnerabilities

Announced

June 7, 2016

Reporter

Tyson Smith, Jed Davis

Impact

Moderate

Products

Firefox, NSS

Fixed in

• Firefox 47
• NSS 3.23

Description

Mozilla has updated the version of Network Security Services (NSS) library used in Firefox to NSS 3.23. This addresses four moderate rated networking security issues reported by Mozilla engineers Tyson Smith and Jed Davis.

References

• Memory safety bugs fixed in NSS 3.23 (CVE-2016-2834)