Univention Bugzilla – Bug 40273
Firefox: Security issues from 38.5 (4.0)
Last modified: 2016-02-04 15:57:59 CET
+++ This bug was initially created as a clone of Bug #40272 +++

Firefox ESR 38.5 fixes these issues:
* cross-origin restriction bypass using data: and view-source: uri scheme (CVE-2015-7214)
* potential underflow in 'covr', unchecked allocation and copy in Metadata::setData (CVE-2015-7222)
* integer underflow in covr MPEG4 processing (no cve? mfsa2015-147)
* 64bit: Overflow in MPEG4Extractor::readMetaData causes memory-safety bug (CVE-2015-7213)
* Underflow in RTPReceiverVideo::ParseRtpPacket causes memory-safety bug and information leak (CVE-2015-7205)
* Memset crash in mozilla::layers::BufferTextureClient::AllocateForSurface (CVE-2015-7212)
* UAF due to DataChannelConnection not Destroy()ed before deletion (CVE-2015-7210)
* Memory safety bugs fixed in Firefox ESR 38.5 and Firefox 43. (CVE-2015-7201)

Firefox ESR 38.5.2:
* Prevent MD5 Downgrade in TLS 1.2 Signatures (CVE-2015-7575)
Updated and built in 66955, 66956, 66959.

OK: announce_errata -V firefox-??.yaml
OK: apt-get install firefox-en=1:38.4.0esr-ucs-4.0.61.201511191931
OK: apt-get install firefox-en # 1:38.5.2esr-ucs-4.1.63.201601260929
OK: apt-get purge firefox-en
OK: apt-get install firefox-en
OK: apt-get remove firefox-en
OK: apt-get purge firefox-en
OK: apt-get install firefox-de=1:38.4.0esr-ucs-4.0.66.201511191929
OK: apt-get install firefox-de # 1:38.5.2esr-ucs-4.1.68.201601260931
OK: apt-get purge firefox-de
OK: apt-get install firefox-de
OK: apt-get remove firefox-de
OK: apt-get purge firefox-de
OK: https://www.google.de/
OK: https://www.univention.de/
OK: https://forge.univention.org/
OK: http://www.tagesschau.de/
OK: https://www.youtube.com/
OK: about: 38.5.2
OK: amd64
OK: i386
OK: firefox-??.yaml
OK: errata-announce -V firefox-en.yaml
OK: errata-announce -V firefox-de.yaml
r66973 | Bug #40272,Bug #40273,Bug #40274 Firefox: CVE-2015-7575
Note: ESR 38.6 will be released later today: https://wiki.mozilla.org/RapidRelease/Calendar#Future_branch_dates
Firefox ESR 38.6 fixes these issues:
* global-buffer-overflow (write) at BufferSubData (CVE-2016-1935)
* Memory safety bugs fixed in Firefox ESR 38.6 and Firefox 44. (CVE-2016-1930)
* Prevent MD5 Downgrade in TLS 1.2 Signatures (CVE-2015-7575) [again? strange, maybe an updated patch?]
Updated and compiled: 66987 + 66989
OK: apt-get install firefox-en=1:38.4.0esr-ucs-4.0.61.201511191931
OK: apt-get install firefox-en # 1:38.6.0esr-ucs-4.0.68.201601270954
OK: apt-get purge firefox-en
OK: apt-get install firefox-en
OK: apt-get remove firefox-en
OK: apt-get purge firefox-en
OK: apt-get install firefox-de=1:38.4.0esr-ucs-4.0.66.201511191929
OK: apt-get install firefox-de # 1:38.6.0esr-ucs-4.0.72.201601270956
OK: apt-get purge firefox-de
OK: apt-get install firefox-de
OK: apt-get remove firefox-de
OK: apt-get purge firefox-de
OK: https://www.google.de/
OK: https://www.univention.de/
OK: https://forge.univention.org/
OK: http://www.tagesschau.de/
OK: https://www.youtube.com/
OK: about: # 38.6
OK: amd64
OK: i386
OK: errata-announce -V firefox-en.yaml
OK: errata-announce -V firefox-de.yaml
OK: firefox-??.yaml
http://errata.software-univention.de/ucs/4.0/393.html
http://errata.software-univention.de/ucs/4.0/394.html