Ubuntu Security Notice 930-1 – If was discovered that Firefox could be made to access freed memory. A flaw was discovered in the way plugin instances interacted. An integer overflow was discovered in Firefox. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. Ilja van Sprundel discovered that the ‘Content-Disposition: attachment’ HTTP header was ignored when ‘Content-Type: multipart’ was also present.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/91313/USN-930-1.txt
Source: https://packetstormsecurity.com/files/91313/Ubuntu-Security-Notice-930-1.html