Patches from Mozilla, Askterisk, FreeBSD, others Merry Christmas and so on Government-sponsored cyberattacks on the rise, McAfee says, and other interesting reading.
Mozilla scrambles to patch Firefox for second time this week
A bug in rendering 'canvas' HTML elements worked its way into Firefox 184.108.40.206, the edition Mozilla released Monday to fix six other vulnerabilities. Canvas elements, which were first used by Apple Inc. in its Safari browser, let Web site designers dynamically render bitmap images in HTML. Firefox, Safari and Opera support Canvas natively; Microsoft's Internet Explorer does so with a plug-in.
Cisco confirmed it is possible to eavesdrop on remote conversations using Cisco VoIP phones. In its security response, Cisco says: 'an attacker with valid Extension Mobility authentication credentials could cause a Cisco Unified IP Phone configured to use the Extension Mobility feature to transmit or receive a Real-Time Transport Protocol (RTP) audio stream.'