Overview

File _patchinfo of Package patchinfo.2774

<patchinfo>
  <issue id="875378" tracker="bnc">VUL-0: Firefox 29 security release</issue>
  <issue id="CVE-2014-1519" tracker="cve" />
  <issue id="CVE-2014-1518" tracker="cve" />
  <issue id="CVE-2014-1522" tracker="cve" />
  <issue id="CVE-2014-1523" tracker="cve" />
  <issue id="CVE-2014-1524" tracker="cve" />
  <issue id="CVE-2014-1525" tracker="cve" />
  <issue id="CVE-2014-1531" tracker="cve" />
  <issue id="CVE-2014-1530" tracker="cve" />
  <issue id="CVE-2014-1528" tracker="cve" />
  <issue id="CVE-2014-1529" tracker="cve" />
  <issue id="CVE-2014-1492" tracker="cve" />
  <issue id="CVE-2014-1526" tracker="cve" />
  <issue id="CVE-2014-1532" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>wrosenauer</packager>
  <description>This is a SeaMonkey update to version 2.26:
  * MFSA 2014-34/CVE-2014-1518/CVE-2014-1519
    Miscellaneous memory safety hazards
  * MFSA 2014-36/CVE-2014-1522 (bmo#995289)
    Web Audio memory corruption issues
  * MFSA 2014-37/CVE-2014-1523 (bmo#969226)
    Out of bounds read while decoding JPG images
  * MFSA 2014-38/CVE-2014-1524 (bmo#989183)
    Buffer overflow when using non-XBL object as XBL
  * MFSA 2014-39/CVE-2014-1525 (bmo#989210)
    Use-after-free in the Text Track Manager for HTML video
  * MFSA 2014-41/CVE-2014-1528 (bmo#963962)
    Out-of-bounds write in Cairo
  * MFSA 2014-42/CVE-2014-1529 (bmo#987003)
    Privilege escalation through Web Notification API
  * MFSA 2014-43/CVE-2014-1530 (bmo#895557)
    Cross-site scripting (XSS) using history navigations
  * MFSA 2014-44/CVE-2014-1531 (bmo#987140)
    Use-after-free in imgLoader while resizing images
  * MFSA 2014-45/CVE-2014-1492 (bmo#903885)
    Incorrect IDNA domain name matching for wildcard certificates
    (fixed by NSS 3.16)
  * MFSA 2014-46/CVE-2014-1532 (bmo#966006)
    Use-after-free in nsHostResolver
  * MFSA 2014-47/CVE-2014-1526 (bmo#988106)
    Debugger can bypass XrayWrappers with JavaScript
- rebased patches
- added aarch64 porting patches
  * mozilla-aarch64-bmo-810631.patch
  * mozilla-aarch64-bmo-962488.patch
  * mozilla-aarch64-bmo-963023.patch
  * mozilla-aarch64-bmo-963024.patch
  * mozilla-aarch64-bmo-963027.patch
- requires NSPR 4.10.3 and NSS 3.16
- added mozilla-icu-strncat.patch to fix post build checks
</description>
  <summary>update for seamonkey</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places