From owner-freebsd-gecko@FreeBSD.ORG  Mon Dec  1 18:23:57 2014
Return-Path: <owner-freebsd-gecko@FreeBSD.ORG>
Delivered-To: freebsd-gecko@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id D77B8C93
 for <freebsd-gecko@freebsd.org>; Mon,  1 Dec 2014 18:23:57 +0000 (UTC)
Received: from trillian.chruetertee.ch (trillian.chruetertee.ch
 [217.150.244.247])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 59F9E2F3
 for <freebsd-gecko@freebsd.org>; Mon,  1 Dec 2014 18:23:56 +0000 (UTC)
Received: from trillian.chruetertee.ch (trillian [217.150.244.247])
 by trillian.chruetertee.ch (8.14.4/8.14.3) with ESMTP id sB1INmIs072534
 for <freebsd-gecko@freebsd.org>; Mon, 1 Dec 2014 18:23:48 GMT
 (envelope-from svn-freebsd-gecko@chruetertee.ch)
Received: (from www@localhost)
 by trillian.chruetertee.ch (8.14.4/8.14.3/Submit) id sB1INhpd072184
 for freebsd-gecko@freebsd.org; Mon, 1 Dec 2014 18:23:43 GMT
 (envelope-from svn-freebsd-gecko@chruetertee.ch)
Date: Mon, 1 Dec 2014 18:23:43 GMT
Message-Id: <201412011823.sB1INhpd072184@trillian.chruetertee.ch>
X-Authentication-Warning: trillian.chruetertee.ch: www set sender to
 svn-freebsd-gecko@chruetertee.ch using -f
From: svn-freebsd-gecko@chruetertee.ch
To: freebsd-gecko@freebsd.org
Subject: [SVN-Commit] r1781 - branches/firefox34
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Reply-To: freebsd-gecko@freebsd.org
X-BeenThere: freebsd-gecko@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Gecko Rendering Engine issues <freebsd-gecko.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-gecko>,
 <mailto:freebsd-gecko-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-gecko/>
List-Post: <mailto:freebsd-gecko@freebsd.org>
List-Help: <mailto:freebsd-gecko-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-gecko>,
 <mailto:freebsd-gecko-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Dec 2014 18:23:58 -0000

Author: jbeich
Date: Mon Dec  1 18:23:42 2014
New Revision: 1781

Log:
prepare for merge

Added:
   branches/firefox34/
      - copied from r1780, trunk/
   branches/firefox34/VuXML

Added: branches/firefox34/VuXML
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/firefox34/VuXML	Mon Dec  1 18:23:42 2014	(r1781)
@@ -0,0 +1,76 @@
+  <vuln vid="7ae61870-9dd2-4884-a2f2-f19bb5784d09">
+    <topic>mozilla -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>firefox</name>
+	<range><lt>34.0,1</lt></range>
+      </package>
+      <package>
+	<name>firefox-esr</name>
+	<range><lt>31.3.0,1</lt></range>
+      </package>
+      <package>
+	<name>linux-firefox</name>
+	<range><lt>34.0,1</lt></range>
+      </package>
+      <package>
+	<name>linux-seamonkey</name>
+	<range><lt>2.31</lt></range>
+      </package>
+      <package>
+	<name>linux-thunderbird</name>
+	<range><lt>31.3.0</lt></range>
+      </package>
+      <package>
+	<name>seamonkey</name>
+	<range><lt>2.31</lt></range>
+      </package>
+      <package>
+	<name>thunderbird</name>
+	<range><lt>31.3.0</lt></range>
+      </package>
+      <package>
+	<name>libxul</name>
+	<range><lt>31.3.0</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>The Mozilla Project reports:</p>
+	<blockquote cite="http://www.mozilla.org/security/known-vulnerabilities/">
+	  <p>MSFA-2014-89 Bad casting from the BasicThebesLayer to
+	    BasicContainerLayer</p>
+	  <p>MSFA-2014-88 Buffer overflow while parsing media content</p>
+	  <p>MSFA-2014-87 Use-after-free during HTML5 parsing</p>
+	  <p>MSFA-2014-86 CSP leaks redirect data via violation reports</p>
+	  <p>MSFA-2014-85 XMLHttpRequest crashes with some input streams</p>
+	  <p>MSFA-2014-84 XBL bindings accessible via improper CSS
+	    declarations</p>
+	  <p>MSFA-2014-83 Miscellaneous memory safety hazards (rv:34.0
+	    / rv:31.3)</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2014-1587</cvename>
+      <cvename>CVE-2014-1588</cvename>
+      <cvename>CVE-2014-1589</cvename>
+      <cvename>CVE-2014-1590</cvename>
+      <cvename>CVE-2014-1591</cvename>
+      <cvename>CVE-2014-1592</cvename>
+      <cvename>CVE-2014-1593</cvename>
+      <cvename>CVE-2014-1594</cvename>
+      <url>https://www.mozilla.org/security/advisories/mfsa2014-83</url>
+      <url>https://www.mozilla.org/security/advisories/mfsa2014-84</url>
+      <url>https://www.mozilla.org/security/advisories/mfsa2014-85</url>
+      <url>https://www.mozilla.org/security/advisories/mfsa2014-86</url>
+      <url>https://www.mozilla.org/security/advisories/mfsa2014-87</url>
+      <url>https://www.mozilla.org/security/advisories/mfsa2014-88</url>
+      <url>https://www.mozilla.org/security/advisories/mfsa2014-89</url>
+      <url>https://www.mozilla.org/security/advisories/</url>
+    </references>
+    <dates>
+      <discovery>2014-12-01</discovery>
+      <entry>2014-12-01</entry>
+    </dates>
+  </vuln>