Bug 40273 - Firefox: Security issues from 38.5 (4.0)
Firefox: Security issues from 38.5 (4.0)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.0-4-errata
Assigned To: Daniel Tröder
Philipp Hahn
https://www.mozilla.org/en-US/securit...
:
Depends on: 40272
Blocks: 40274
  Show dependency treegraph
 
Reported: 2015-12-16 19:53 CET by Arvid Requate
Modified: 2016-02-04 15:57 CET (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional): Security
Max CVSS v3 score:
requate: Patch_Available+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2015-12-16 19:53:01 CET
+++ This bug was initially created as a clone of Bug #40272 +++

Firefox ESR 38.5 fixes these issues:

* cross-origin restriction bypass using data: and view-source: uri scheme (CVE-2015-7214)
* potential underflow in 'covr', unchecked allocation and copy in Metadata::setData (CVE-2015-7222)
* integer underflow in covr MPEG4 processing (no cve? mfsa2015-147)
* 64bit: Overflow in MPEG4Extractor::readMetaData causes memory-safety bug (CVE-2015-7213)
* Underflow in RTPReceiverVideo::ParseRtpPacket causes memory-safety bug and information leak (CVE-2015-7205)
* Memset crash in mozilla::layers::BufferTextureClient::AllocateForSurface (CVE-2015-7212)
* UAF due to DataChannelConnection not Destroy()ed before deletion (CVE-2015-7210)
* Memory safety bugs fixed in Firefox ESR 38.5 and Firefox 43. (CVE-2015-7201)
Comment 1 Arvid Requate univentionstaff 2016-01-11 14:09:38 CET
Firefox ESR 38.5.2:

* Prevent MD5 Downgrade in TLS 1.2 Signatures (CVE-2015-7575)
Comment 2 Daniel Tröder univentionstaff 2016-01-26 11:46:56 CET
Updated and build in 66955, 66956, 66959.
Comment 3 Philipp Hahn univentionstaff 2016-01-26 14:33:16 CET
OK: announce_errata -V firefox-??.yaml
OK: apt-get install firefox-en=1:38.4.0esr-ucs-4.0.61.201511191931
OK: apt-get install firefox-en # 1:38.5.2esr-ucs-4.1.63.201601260929
OK: apt-get purge firefox-en
OK: apt-get install firefox-en
OK: apt-get remove firefox-en
OK: apt-get purge firefox-en

OK: apt-get install firefox-de=1:38.4.0esr-ucs-4.0.66.201511191929
OK: apt-get install firefox-de # 1:38.5.2esr-ucs-4.1.68.201601260931
OK: apt-get purge firefox-de
OK: apt-get install firefox-de
OK: apt-get remove firefox-de
OK: apt-get purge firefox-de

OK: https://www.google.de/
OK: https://www.univention.de/
OK: https://forge.univention.org/
OK: http://www.tagesschau.de/
OK: https://www.youtube.com/
OK: about: 38.5.2

OK: amd64
OK. i386

OK: firefox-??.yaml
OK: errata-announce -V firefox-en.yaml
OK: errata-announce -V firefox-de.yaml
Comment 4 Philipp Hahn univentionstaff 2016-01-26 14:51:04 CET
r66973 | Bug #40272,Bug #40273,Bug #40274 Firefox: CVE-2015-7575
Comment 5 Arvid Requate univentionstaff 2016-01-26 16:42:49 CET
Note: ESR 38.6 will be released later today:

https://wiki.mozilla.org/RapidRelease/Calendar#Future_branch_dates
Comment 6 Arvid Requate univentionstaff 2016-01-26 22:19:30 CET
Firefox ESR 38.6 fixes these issues:

* global-buffer-overflow (write) at BufferSubData (CVE-2016-1935)
* Memory safety bugs fixed in Firefox ESR 38.6 and Firefox 44. (CVE-2016-1930)
* Prevent MD5 Downgrade in TLS 1.2 Signatures (CVE-2015-7575) [again? strange, maybe an updated patch?]
Comment 7 Daniel Tröder univentionstaff 2016-01-27 10:06:12 CET
Updated and compiled: 66987 + 66989
Comment 8 Philipp Hahn univentionstaff 2016-01-27 14:55:02 CET
OK: apt-get install firefox-en=1:38.4.0esr-ucs-4.0.61.201511191931
OK: apt-get install firefox-en # 1:38.6.0esr-ucs-4.0.68.201601270954
OK: apt-get purge firefox-en
OK: apt-get install firefox-en
OK: apt-get remove firefox-en
OK: apt-get purge firefox-en

OK: apt-get install firefox-de=1:38.4.0esr-ucs-4.0.66.201511191929
OK: apt-get install firefox-de # 1:38.6.0esr-ucs-4.0.72.201601270956
OK: apt-get purge firefox-de
OK: apt-get install firefox-de
OK: apt-get remove firefox-de
OK: apt-get purge firefox-de

OK: https://www.google.de/
OK: https://www.univention.de/
OK: https://forge.univention.org/
OK: http://www.tagesschau.de/
OK: https://www.youtube.com/
OK: about: # 38.6

OK: amd64
OK: i386

OK: errata-announce -V firefox-en.yaml
OK: errata-announce -V firefox-de.yaml
OK: firefox-??.yaml