Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
patchinfo.317
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.317
<patchinfo incident="317"> <issue id="910669" tracker="bnc">MozillaFirefox 35/31.4.0 security release</issue> <issue id="909563" tracker="bnc">MozillaFirefox displays error messages for addons.xpi during startup from terminal.</issue> <issue id="910647" tracker="bnc"></issue> <issue id="CVE-2014-8641" tracker="cve" /> <issue id="CVE-2014-8639" tracker="cve" /> <issue id="CVE-2014-8638" tracker="cve" /> <issue id="CVE-2014-8635" tracker="cve" /> <issue id="CVE-2014-8634" tracker="cve" /> <issue id="CVE-2014-1569" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>pcerny</packager> <description> This update fixes the following security issues in MozillaFirefox: - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 (bmo#1109889, bmo#1111737, bmo#1026774, bmo#1027300, bmo#1054538, bmo#1067473, bmo#1070962, bmo#1072130, bmo#1072871, bmo#1098583) Miscellaneous memory safety hazards (rv:35.0 / rv:31.4) - MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an Origin header - MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy Authenticate responses - MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC Also Mozilla NSS was updated to 3.17.3 to fix: * The QuickDER decoder now decodes lengths robustly (bmo#1064670/CVE-2014-1569) * Support for TLS_FALLBACK_SCSV has been added to the ssltap and tstclnt utilities * Changes in CA certificates </description> <summary>Security update for MozillaFirefox</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor