Univention Bugzilla – Bug 36175
Firefox: Security issues from 31.2 (3.2)
Last modified: 2014-10-30 14:14:38 CET
We need to migrate to the new ESR31 series, ESR24 is no longer supported. Memory corruption in the browser engine (CVE-2014-1574) Buffer overflow in CSS parsing (CVE-2014-1576) Memory corruption in Web Audio (CVE-2014-1577) Out-of-bounds write in WebM playback (CVE-2014-1578) Use-after-free in text rendering (CVE-2014-1581) Information leak in WebRTC (CVE-2014-1585, CVE-2014-1586) Bypass of the same-origin policy (CVE-2014-1583)
Imported 31.2.0 ESR Tests (i386): OK Advisories: 2014-10-28-firefox-{de,en}.yaml
OK: apt-cache policy firefox-de firefox-en OK: about: 31.2.0 OK: amd64 i386 OK: firefox-{en,de} OK: http://google.de/ OK: http://univention.de/ OK: https://forge.univention.org/ OK: http://www.tagesschau.de/ OK: http://youtube.com/ OK: /usr/sbin/announce_errata -V 2014-10-28-firefox-de.yaml OK: /usr/sbin/announce_errata -V 2014-10-28-firefox-en.yaml OK: errata-test firefox-de OK: Update, Replace, Install
http://errata.univention.de/ucs/3.2/231.html
http://errata.univention.de/ucs/3.2/232.html