Univention Bugzilla – Bug 40272
Firefox: Security issues from 38.5 (4.1)
Last modified: 2016-10-05 12:46:55 CEST
Firefox ESR 38.5 fixes these issues: * cross-origin restriction bypass using data: and view-source: uri scheme (CVE-2015-7214) * potential underflow in 'covr', unchecked allocation and copy in Metadata::setData (CVE-2015-7222) * integer underflow in covr MPEG4 processing (no cve? mfsa2015-147) * 64bit: Overflow in MPEG4Extractor::readMetaData causes memory-safety bug (CVE-2015-7213) * Underflow in RTPReceiverVideo::ParseRtpPacket causes memory-safety bug and information leak (CVE-2015-7205) * Memset crash in mozilla::layers::BufferTextureClient::AllocateForSurface (CVE-2015-7212) * UAF due to DataChannelConnection not Destroy()ed before deletion (CVE-2015-7210) * Memory safety bugs fixed in Firefox ESR 38.5 and Firefox 43. (CVE-2015-7201)
Firefox ESR 38.5.2: * Prevent MD5 Downgrade in TLS 1.2 Signatures (CVE-2015-7575)
Updated and compiled: 66953 + 66954
r66973 | Bug #40272,Bug #40273,Bug #40274 Firefox: CVE-2015-7575 OK: apt-get install firefox-en=1:38.4.0esr-ucs-4.1.60.201511191915 OK: apt-get install firefox-en # 1:38.5.2esr-ucs-4.1.63.201601260929 OK: apt-get purge firefox-en OK: apt-get install firefox-en OK: apt-get remove firefox-en OK: apt-get purge firefox-en OK: apt-get install firefox-de=1:38.4.0esr-ucs-4.1.65.201511191913 OK: apt-get install firefox-de # 1:38.5.2esr-ucs-4.1.68.201601260931 OK: apt-get purge firefox-de OK: apt-get install firefox-de OK: apt-get remove firefox-de OK: apt-get purge firefox-de OK: https://www.google.de/ OK: https://www.univention.de/ OK: https://forge.univention.org/ OK: http://www.tagesschau.de/ OK: https://www.youtube.com/ OK: about: 38.5.2 OK: amd64 SKIPPED: i386 OK: errata-announce -V firefox-en.yaml OK: errata-announce -V firefox-de.yaml OK: firefox-??.yaml
Note: ESR 38.6 will be released later today: https://wiki.mozilla.org/RapidRelease/Calendar#Future_branch_dates
Firefox ESR 38.6 fixes these issues: * global-buffer-overflow (write) at BufferSubData (CVE-2016-1935) * Memory safety bugs fixed in Firefox ESR 38.6 and Firefox 44. (CVE-2016-1930) * Prevent MD5 Downgrade in TLS 1.2 Signatures (CVE-2015-7575) [again? strange, maybe an updated patch?]
Updated and compiled: 66986 + 66989
OK: apt-get install firefox-en=1:38.4.0esr-ucs-4.1.60.201511191915 OK: apt-get install firefox-en # 1:38.6.0esr-ucs-4.1.69.201601270959 OK: apt-get purge firefox-en OK: apt-get install firefox-en OK: apt-get remove firefox-en OK: apt-get purge firefox-en OK: apt-get install firefox-de=1:38.4.0esr-ucs-4.1.65.201511191913 OK: apt-get install firefox-de # 1:38.6.0esr-ucs-4.1.73.201601271001 OK: apt-get purge firefox-de OK: apt-get install firefox-de OK: apt-get remove firefox-de OK: apt-get purge firefox-de OK: https://www.google.de/ OK: https://www.univention.de/ OK: https://forge.univention.org/ OK: http://www.tagesschau.de/ OK: https://www.youtube.com/ OK: about: 38.6 OK: amd64 SKIPPED: i386 OK: errata-announce -V firefox-en.yaml OK: errata-announce -V firefox-de.yaml OK: firefox-??.yaml
<http://errata.software-univention.de/ucs/4.1/71.html> <http://errata.software-univention.de/ucs/4.1/72.html>