Bug 37140 - Firefox: Security issues from 31.3 (3.2)
Firefox: Security issues from 31.3 (3.2)
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 3.2
Other Linux
: P5 normal (vote)
: UCS 3.2-4-errata
Assigned To: Moritz Muehlenhoff
Janek Walkenhorst
Depends on:
  Show dependency treegraph
Reported: 2014-12-02 08:22 CET by Moritz Muehlenhoff
Modified: 2014-12-19 13:59 CET (History)
0 users

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Moritz Muehlenhoff univentionstaff 2014-12-02 08:22:06 CET
Multiple exploitable memory safety errors (CVE-2014-1587)
Bypass of security restrictions (CVE-2014-1589)
Denial of service in XMLHTTPRequest parsing (CVE-2014-1590)
Use-after-free in HTML5 parsing (CVE-2014-1592)
Buffer overflow in parsing media content (CVE-2014-1593)
Incorrect casting might potentially result in the execution of arbitrary code (CVE-2014-1594)
Comment 1 Moritz Muehlenhoff univentionstaff 2014-12-18 12:40:29 CET
New packages have been built, tests were successful.

YAML files: 2014-12-18-firefox-de.yaml 2014-12-18-firefox-en.yaml
Comment 2 Janek Walkenhorst univentionstaff 2014-12-18 18:05:26 CET
Tests (amd64): OK
Advisory: Missing
Comment 3 Moritz Muehlenhoff univentionstaff 2014-12-19 07:21:01 CET
(In reply to Janek Walkenhorst from comment #2)
> Tests (amd64): OK
> Advisory: Missing

Now commited.
Comment 4 Janek Walkenhorst univentionstaff 2014-12-19 11:01:05 CET
(In reply to Moritz Muehlenhoff from comment #3)
> (In reply to Janek Walkenhorst from comment #2)
> > Advisory: Missing
> Now commited.
Advisories: OK