Date: Mon, 1 Dec 2014 18:23:43 GMT From: svn-freebsd-gecko@chruetertee.ch To: freebsd-gecko@freebsd.org Subject: [SVN-Commit] r1781 - branches/firefox34 Message-ID: <201412011823.sB1INhpd072184@trillian.chruetertee.ch>
next in thread | raw e-mail | index | archive | help
Author: jbeich
Date: Mon Dec 1 18:23:42 2014
New Revision: 1781
Log:
prepare for merge
Added:
branches/firefox34/
- copied from r1780, trunk/
branches/firefox34/VuXML
Added: branches/firefox34/VuXML
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/firefox34/VuXML Mon Dec 1 18:23:42 2014 (r1781)
@@ -0,0 +1,76 @@
+ <vuln vid="7ae61870-9dd2-4884-a2f2-f19bb5784d09">
+ <topic>mozilla -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>firefox</name>
+ <range><lt>34.0,1</lt></range>
+ </package>
+ <package>
+ <name>firefox-esr</name>
+ <range><lt>31.3.0,1</lt></range>
+ </package>
+ <package>
+ <name>linux-firefox</name>
+ <range><lt>34.0,1</lt></range>
+ </package>
+ <package>
+ <name>linux-seamonkey</name>
+ <range><lt>2.31</lt></range>
+ </package>
+ <package>
+ <name>linux-thunderbird</name>
+ <range><lt>31.3.0</lt></range>
+ </package>
+ <package>
+ <name>seamonkey</name>
+ <range><lt>2.31</lt></range>
+ </package>
+ <package>
+ <name>thunderbird</name>
+ <range><lt>31.3.0</lt></range>
+ </package>
+ <package>
+ <name>libxul</name>
+ <range><lt>31.3.0</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">;
+ <p>The Mozilla Project reports:</p>
+ <blockquote cite="http://www.mozilla.org/security/known-vulnerabilities/">;
+ <p>MSFA-2014-89 Bad casting from the BasicThebesLayer to
+ BasicContainerLayer</p>
+ <p>MSFA-2014-88 Buffer overflow while parsing media content</p>
+ <p>MSFA-2014-87 Use-after-free during HTML5 parsing</p>
+ <p>MSFA-2014-86 CSP leaks redirect data via violation reports</p>
+ <p>MSFA-2014-85 XMLHttpRequest crashes with some input streams</p>
+ <p>MSFA-2014-84 XBL bindings accessible via improper CSS
+ declarations</p>
+ <p>MSFA-2014-83 Miscellaneous memory safety hazards (rv:34.0
+ / rv:31.3)</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2014-1587</cvename>
+ <cvename>CVE-2014-1588</cvename>
+ <cvename>CVE-2014-1589</cvename>
+ <cvename>CVE-2014-1590</cvename>
+ <cvename>CVE-2014-1591</cvename>
+ <cvename>CVE-2014-1592</cvename>
+ <cvename>CVE-2014-1593</cvename>
+ <cvename>CVE-2014-1594</cvename>
+ <url>https://www.mozilla.org/security/advisories/mfsa2014-83</url>;
+ <url>https://www.mozilla.org/security/advisories/mfsa2014-84</url>;
+ <url>https://www.mozilla.org/security/advisories/mfsa2014-85</url>;
+ <url>https://www.mozilla.org/security/advisories/mfsa2014-86</url>;
+ <url>https://www.mozilla.org/security/advisories/mfsa2014-87</url>;
+ <url>https://www.mozilla.org/security/advisories/mfsa2014-88</url>;
+ <url>https://www.mozilla.org/security/advisories/mfsa2014-89</url>;
+ <url>https://www.mozilla.org/security/advisories/</url>;
+ </references>
+ <dates>
+ <discovery>2014-12-01</discovery>
+ <entry>2014-12-01</entry>
+ </dates>
+ </vuln>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201412011823.sB1INhpd072184>