Overview

File _patchinfo of Package patchinfo.1715

<patchinfo incident="1715">
  <issue id="959277" tracker="bnc" />
  <issue id="CVE-2015-7201" tracker="cve" />
  <issue id="CVE-2015-7202" tracker="cve" />
  <issue id="CVE-2015-7214" tracker="cve" />
  <issue id="CVE-2015-7213" tracker="cve" />
  <issue id="CVE-2015-7205" tracker="cve" />
  <issue id="CVE-2015-7212" tracker="cve" />
  <issue id="CVE-2015-7222" tracker="cve" />
  <issue id="CVE-2015-7210" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>pcerny</packager>
  <description>
MozillaFirefox was updated to version 38.5.0 ESR to fix the following issues: 

* MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
  Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
* MFSA 2015-138/CVE-2015-7210
  A use-after-free in WebRTC when datachannel is used after being
  destroyed
* MFSA 2015-139/CVE-2015-7212
  An integer overflow allocating extremely large textures
* MFSA 2015-145/CVE-2015-7205
  A underflow found through code inspection
* MFSA 2015-146/CVE-2015-7213
  A integer overflow in MP4 playback in 64-bit versions
* MFSA 2015-147/CVE-2015-7222
  Integer underflow and buffer overflow processing MP4 metadata
  in libstagefright
* MFSA 2015-149/CVE-2015-7214
  Cross-site reading attack through data and view-source URIs
</description>
  <summary>Security update for MozillaFirefox</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places