File _patchinfo of Package patchinfo.1158
<patchinfo incident="1158"> <issue id="947003" tracker="bnc">VUL-0: MozillaFirefox 41 / 38.3.0 ESR security release</issue> <issue id="CVE-2015-4509" tracker="cve" /> <issue id="CVE-2015-4520" tracker="cve" /> <issue id="CVE-2015-4521" tracker="cve" /> <issue id="CVE-2015-4522" tracker="cve" /> <issue id="CVE-2015-4511" tracker="cve" /> <issue id="CVE-2015-4500" tracker="cve" /> <issue id="CVE-2015-4501" tracker="cve" /> <issue id="CVE-2015-4506" tracker="cve" /> <issue id="CVE-2015-4517" tracker="cve" /> <issue id="CVE-2015-4519" tracker="cve" /> <issue id="CVE-2015-7180" tracker="cve" /> <issue id="CVE-2015-7176" tracker="cve" /> <issue id="CVE-2015-7177" tracker="cve" /> <issue id="CVE-2015-7174" tracker="cve" /> <issue id="CVE-2015-7175" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>pcerny</packager> <description> Mozilla Firefox was updated to version 38.3.0 ESR (bsc#947003), fixing bugs and security issues. * MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3) * MFSA 2015-101/CVE-2015-4506 Buffer overflow in libvpx while parsing vp9 format video * MFSA 2015-105/CVE-2015-4511 Buffer overflow while decoding WebM video * MFSA 2015-106/CVE-2015-4509 Use-after-free while manipulating HTML media content * MFSA 2015-110/CVE-2015-4519 Dragging and dropping images exposes final URL after redirects * MFSA 2015-111/CVE-2015-4520 Errors in the handling of CORS preflight request headers * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522 CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177 CVE-2015-7180 Vulnerabilities found through code inspection More details can be found on https://www.mozilla.org/en-US/security/advisories/ The Mozilla NSPR library was updated to version 4.10.9, fixing various bugs. </description> <summary>Security update for MozillaFirefox, mozilla-nspr</summary> </patchinfo>
