Overview

File _patchinfo of Package patchinfo.2691

<patchinfo>
  <issue id="868603" tracker="bnc">VUL-0: MozillaFirefox 28 security release</issue>
  <issue id="CVE-2014-1494" tracker="cve" />
  <issue id="CVE-2014-1508" tracker="cve" />
  <issue id="CVE-2014-1509" tracker="cve" />
  <issue id="CVE-2014-1499" tracker="cve" />
  <issue id="CVE-2014-1493" tracker="cve" />
  <issue id="CVE-2014-1511" tracker="cve" />
  <issue id="CVE-2014-1510" tracker="cve" />
  <issue id="CVE-2014-1513" tracker="cve" />
  <issue id="CVE-2014-1512" tracker="cve" />
  <issue id="CVE-2014-1498" tracker="cve" />
  <issue id="CVE-2014-1514" tracker="cve" />
  <issue id="CVE-2014-1504" tracker="cve" />
  <issue id="CVE-2014-1505" tracker="cve" />
  <issue id="CVE-2014-1502" tracker="cve" />
  <issue id="CVE-2014-1497" tracker="cve" />
  <issue id="CVE-2014-1500" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>wrosenauer</packager>
  <description>
Mozilla Thunderbird was updated to 24.4.0.
Mozilla SeaMonkey was updated to 2.25.

  * MFSA 2014-15/CVE-2014-1493/CVE-2014-1494
    Miscellaneous memory safety hazards
  * MFSA 2014-17/CVE-2014-1497 (bmo#966311)
    Out of bounds read during WAV file decoding
  * MFSA 2014-18/CVE-2014-1498 (bmo#935618)
    crypto.generateCRMFRequest does not validate type of key
  * MFSA 2014-19/CVE-2014-1499 (bmo#961512)
    Spoofing attack on WebRTC permission prompt
  * MFSA 2014-20/CVE-2014-1500 (bmo#956524)
    onbeforeunload and Javascript navigation DOS
  * MFSA 2014-22/CVE-2014-1502 (bmo#972622)
    WebGL content injection from one domain to rendering in another
  * MFSA 2014-23/CVE-2014-1504 (bmo#911547)
    Content Security Policy for data: documents not preserved by
    session restore
  * MFSA 2014-26/CVE-2014-1508 (bmo#963198)
    Information disclosure through polygon rendering in MathML
  * MFSA 2014-27/CVE-2014-1509 (bmo#966021)
    Memory corruption in Cairo during PDF font rendering
  * MFSA 2014-28/CVE-2014-1505 (bmo#941887)
    SVG filters information disclosure through feDisplacementMap
  * MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909)
    Privilege escalation using WebIDL-implemented APIs
  * MFSA 2014-30/CVE-2014-1512 (bmo#982957)
    Use-after-free in TypeObject
  * MFSA 2014-31/CVE-2014-1513 (bmo#982974)
    Out-of-bounds read/write through neutering ArrayBuffer objects
  * MFSA 2014-32/CVE-2014-1514 (bmo#983344)
    Out-of-bounds write through TypedArrayObject after neutering

</description>
  <summary>MozillaThunderbird,seamonkey: security update</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places