Univention Bugzilla – Bug 39338
Firefox: Security issues from 38.3 (3.2)
Last modified: 2015-10-28 12:31:50 CET
Firefox ESR 38.2.1 fixes these issues: * Firefox Addon bypass dialog and spoof vulnerability (CVE-2015-4498) * use-after-free (& crash) after style flush in CanvasRenderingContext2D (CVE-2015-4497) * Mozilla Firefox nsIPresShell Use-After-Free Remote Code Execution Vulnerability
Firefox ESR 38.3 fixes these issues: * Memory-safety bugs in NetworkUtils.cpp generally (CVE-2015-4517) * Memory-safety bugs in ConvertDialogOptions (CVE-2015-4521) * Overflow in nsUnicodeToUTF8::GetMaxLength can create memory-safety bugs in callers (CVE-2015-4522) * Overflow in nsAttrAndChildArray::GrowBy causes memory-safety bug (CVE-2015-7174) * Overflow in XULContentSinkImpl::AddText causes memory-safety bug (CVE-2015-7175) * Bad sscanf argument in AnimationThread overruns stack variable (CVE-2015-7176) * Memory-safety bug in InitTextures (CVE-2015-7177) * Mishandling return status in ReadbackResultWriterD3D11::Run might cause memory-safety bug (CVE-2015-7180) * CORS preflight cache poisoning with the credentials flag (CVE-2015-4520) * CORS preflight cache poisoning with a CORS header being mistaken with another CORS header * Information leakage: Dragging and dropping image to <textbox> pastes final URL of image after redirects (CVE-2015-4519) * HTMLVideoElement Use-After-Free Remote Code Execution (CVE-2015-4509) * Heap-buffer-overflow due to overflow in nestegg_track_codec_data (MFSA-2015-105) * maliciously crafted vp9 format video could be used to trigger a buffer overflow while parsing the file in vp9_init_context_buffers (CVE-2015-4506) * memory safety problems and crashes that affect Firefox ESR 38.2 (CVE-2015-4500)
MFSA-2015-105 is CVE-2015-4511, so: * Heap-buffer-overflow due to overflow in nestegg_track_codec_data (CVE-2015-4511)
Advisories: firefox-de.yaml firefox-en.yaml
OK: apt-get install firefox-de=1:38.2.0esr-1.60.201508181738 OK: apt-get install firefox-de OK: apt-get purge firefox-de OK: apt-get install firefox-de OK: apt-get install firefox-en=1:38.2.0esr-1.55.201508181735 OK: apt-get install firefox-en OK: apt-get purge firefox-en OK: apt-get install firefox-en OK: about: 38.3.0 OK: amd64 i386 OK: https://www.google.de/ OK: https://www.univention.de/ OK: https://forge.univention.org/ OK: http://www.tagesschau.de/ OK: https://www.youtube.com/ OK: 2015-09-24-firefox-??.yaml OK: announce_errata -V 2015-09-24-firefox-de.yaml OK: announce_errata -V 2015-09-24-firefox-en.yaml
<http://errata.software-univention.de/ucs/3.2/374.html> <http://errata.software-univention.de/ucs/3.2/375.html>