Linux News Today: Mozilla Releases Firefox 41.0.2 Hotfix to Fix a High Impact Issue, Update Now
Just a few moments ago, Mozilla published a second hotfix release for its latest stable Mozilla Firefox 41.0 web browser patching a single vulnerability that could allow a malicious web page to access private data from other origins.
The Mozilla Firefox 41.0.2 update has been released earlier today, October 15, for GNU/Linux, Microsoft Windows, and Mac OS X computer operating systems. According to Mozilla, Firefox 41.0.2 is here to fix a single issue, a high impact vulnerability in the fetch() API (Application Programming Interface), which was not capable of implementing the CORS (Cross-Origin Resource Sharing) specification.
“Security researcher Abdulrahman Alqabandi reported that the fetch() API did not correctly implement the Cross-Origin Resource Sharing (CORS) specification, allowing a malicious page to access private data from other origins. Mozilla developer Ben Kelly independently reported the same issue,” wrote the Mozilla developers in the Mozilla Foundation Security Advisory 2015-115.
Mozilla urges all users of the Mozilla Firefox 41.0 and 41.0.1 users to update to the 41.0.2 build as soon as possible. To update, you can either use the built-in updater of the web browser (Windows and Mac OS X only) or download the 32-bit and 64-bit binaries, as well as the source package of Mozilla Firefox 41.0.2 right now from Softpedia for GNU/Linux, Mac OS X, and Microsoft Windows operating systems.