Bug 37140

Summary: Firefox: Security issues from 31.3 (3.2)
Product: UCS Reporter: Moritz Muehlenhoff <jmm>
Component: Security updatesAssignee: Moritz Muehlenhoff <jmm>
Status: CLOSED FIXED QA Contact: Janek Walkenhorst <walkenhorst>
Severity: normal    
Priority: P5    
Version: UCS 3.2   
Target Milestone: UCS 3.2-4-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:

Description Moritz Muehlenhoff univentionstaff 2014-12-02 08:22:06 CET 
Multiple exploitable memory safety errors (CVE-2014-1587)
Bypass of security restrictions (CVE-2014-1589)
Denial of service in XMLHTTPRequest parsing (CVE-2014-1590)
Use-after-free in HTML5 parsing (CVE-2014-1592)
Buffer overflow in parsing media content (CVE-2014-1593)
Incorrect casting might potentially result in the execution of arbitrary code (CVE-2014-1594)
Comment 1 Moritz Muehlenhoff univentionstaff 2014-12-18 12:40:29 CET 
New packages have been built, tests were successful.

YAML files: 2014-12-18-firefox-de.yaml 2014-12-18-firefox-en.yaml
Comment 2 Janek Walkenhorst univentionstaff 2014-12-18 18:05:26 CET 
Tests (amd64): OK
Advisory: Missing
Comment 3 Moritz Muehlenhoff univentionstaff 2014-12-19 07:21:01 CET 
(In reply to Janek Walkenhorst from comment #2)
> Tests (amd64): OK
> Advisory: Missing

Now commited.
Comment 4 Janek Walkenhorst univentionstaff 2014-12-19 11:01:05 CET 
(In reply to Moritz Muehlenhoff from comment #3)
> (In reply to Janek Walkenhorst from comment #2)
> > Advisory: Missing
> Now commited.
Advisories: OK