Univention Bugzilla – Bug 40276
Iceweasel: Security issues from 38.5 (4.0)
Last modified: 2017-06-01 18:34:58 CEST
+++ This bug was initially created as a clone of Bug #40273 ++++ Firefox ESR 38.5 fixes these issues: * cross-origin restriction bypass using data: and view-source: uri scheme (CVE-2015-7214) * potential underflow in 'covr', unchecked allocation and copy in Metadata::setData (CVE-2015-7222) * integer underflow in covr MPEG4 processing (no cve? mfsa2015-147) * 64bit: Overflow in MPEG4Extractor::readMetaData causes memory-safety bug (CVE-2015-7213) * Underflow in RTPReceiverVideo::ParseRtpPacket causes memory-safety bug and information leak (CVE-2015-7205) * Memset crash in mozilla::layers::BufferTextureClient::AllocateForSurface (CVE-2015-7212) * UAF due to DataChannelConnection not Destroy()ed before deletion (CVE-2015-7210) * Memory safety bugs fixed in Firefox ESR 38.5 and Firefox 43. (CVE-2015-7201)
Firefox ESR 38.5.2: * Prevent MD5 Downgrade in TLS 1.2 Signatures (CVE-2015-7575)
*** This bug has been marked as a duplicate of bug 39388 ***