Date: Tue, 8 Mar 2016 19:45:11 +0000 (UTC) From: Jan Beich <jbeich@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r410651 - head/security/vuxml Message-ID: <201603081945.u28JjBNV098210@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jbeich Date: Tue Mar 8 19:45:11 2016 New Revision: 410651 URL: https://svnweb.freebsd.org/changeset/ports/410651 Log: Document recent Firefox vulnerabilities Modified: head/security/vuxml/vuln.xml (contents, props changed) Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Tue Mar 8 19:37:36 2016 (r410650) +++ head/security/vuxml/vuln.xml Tue Mar 8 19:45:11 2016 (r410651) @@ -58,6 +58,292 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="2225c5b4-1e5a-44fc-9920-b3201c384a15"> + <topic>mozilla -- multiple vulnerabilities</topic> + <affects> + <package> + <name>firefox</name> + <name>linux-firefox</name> + <range><lt>45.0,1</lt></range> + </package> + <package> + <name>seamonkey</name> + <name>linux-seamonkey</name> + <range><lt>2.42</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>38.7.0,1</lt></range> + </package> + <package> + <name>libxul</name> + <name>thunderbird</name> + <name>linux-thunderbird</name> + <range><lt>38.7.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Mozilla Foundation reports:</p> + <blockquote cite="https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45">; + <p>MFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0 + / rv:38.7)</p> + <p>MFSA 2016-17 Local file overwriting and potential + privilege escalation through CSP reports</p> + <p>MFSA 2016-18 CSP reports fail to strip location + information for embedded iframe pages</p> + <p>MFSA 2016-19 Linux video memory DOS with Intel + drivers</p> + <p>MFSA 2016-20 Memory leak in libstagefright when deleting + an array during MP4 processing</p> + <p>MFSA 2016-21 Displayed page address can be overridden</p> + <p>MFSA 2016-22 Service Worker Manager out-of-bounds read in + Service Worker Manager</p> + <p>MFSA 2016-23 Use-after-free in HTML5 string parser</p> + <p>MFSA 2016-24 Use-after-free in SetBody</p> + <p>MFSA 2016-25 Use-after-free when using multiple WebRTC + data channels</p> + <p>MFSA 2016-26 Memory corruption when modifying a file + being read by FileReader</p> + <p>MFSA 2016-27 Use-after-free during XML + transformations</p> + <p>MFSA 2016-28 Addressbar spoofing though history + navigation and Location protocol property</p> + <p>MFSA 2016-29 Same-origin policy violation using + perfomance.getEntries and history navigation with session + restore</p> + <p>MFSA 2016-30 Buffer overflow in Brotli decompression</p> + <p>MFSA 2016-31 Memory corruption with malicious NPAPI + plugin</p> + <p>MFSA 2016-32 WebRTC and LibVPX vulnerabilities found + through code inspection</p> + <p>MFSA 2016-33 Use-after-free in GetStaticInstance in + WebRTC</p> + <p>MFSA 2016-34 Out-of-bounds read in HTML parser following + a failed allocation</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2016-1952</cvename> + <cvename>CVE-2016-1953</cvename> + <cvename>CVE-2016-1954</cvename> + <cvename>CVE-2016-1955</cvename> + <cvename>CVE-2016-1956</cvename> + <cvename>CVE-2016-1957</cvename> + <cvename>CVE-2016-1958</cvename> + <cvename>CVE-2016-1959</cvename> + <cvename>CVE-2016-1960</cvename> + <cvename>CVE-2016-1961</cvename> + <cvename>CVE-2016-1962</cvename> + <cvename>CVE-2016-1963</cvename> + <cvename>CVE-2016-1964</cvename> + <cvename>CVE-2016-1965</cvename> + <cvename>CVE-2016-1966</cvename> + <cvename>CVE-2016-1967</cvename> + <cvename>CVE-2016-1968</cvename> + <cvename>CVE-2016-1970</cvename> + <cvename>CVE-2016-1971</cvename> + <cvename>CVE-2016-1972</cvename> + <cvename>CVE-2016-1973</cvename> + <cvename>CVE-2016-1974</cvename> + <cvename>CVE-2016-1975</cvename> + <cvename>CVE-2016-1976</cvename> + <url>https://www.mozilla.org/security/advisories/mfsa2016-16/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-17/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-18/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-19/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-20/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-21/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-22/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-23/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-24/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-25/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-26/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-27/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-28/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-29/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-30/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-31/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-32/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-33/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-34/</url>; + </references> + <dates> + <discovery>2016-03-08</discovery> + <entry>2016-03-08</entry> + </dates> + </vuln> + + <vuln vid="adffe823-e692-4921-ae9c-0b825c218372"> + <topic>graphite2 -- multiple vulnerabilities</topic> + <affects> + <package> + <name>graphite2</name> + <range><lt>1.3.6</lt></range> + </package> + <package> + <name>linux-firefox</name> + <range><lt>45.0,1</lt></range> + </package> + <package> + <name>linux-thunderbird</name> + <range><lt>38.7.0</lt></range> + </package> + <package> + <name>linux-seamonkey</name> + <range><lt>2.42</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Mozilla Foundation reports:</p> + <blockquote cite="https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/">; + <p>Security researcher Holger Fuhrmannek and Mozilla + security engineer Tyson Smith reported a number of security + vulnerabilities in the Graphite 2 library affecting version + 1.3.5. + + The issue reported by Holger Fuhrmannek is a mechanism to + induce stack corruption with a malicious graphite font. This + leads to a potentially exploitable crash when the font is + loaded. + + Tyson Smith used the Address Sanitizer tool in concert with + a custom software fuzzer to find a series of uninitialized + memory, out-of-bounds read, and out-of-bounds write errors + when working with fuzzed graphite fonts.</p> + </blockquote> + </body> + </description> + <references> + <url>https://www.mozilla.org/security/advisories/mfsa2016-37/</url>; + <cvename>CVE-2016-1977</cvename> + <cvename>CVE-2016-2790</cvename> + <cvename>CVE-2016-2791</cvename> + <cvename>CVE-2016-2792</cvename> + <cvename>CVE-2016-2793</cvename> + <cvename>CVE-2016-2794</cvename> + <cvename>CVE-2016-2795</cvename> + <cvename>CVE-2016-2796</cvename> + <cvename>CVE-2016-2797</cvename> + <cvename>CVE-2016-2798</cvename> + <cvename>CVE-2016-2799</cvename> + <cvename>CVE-2016-2800</cvename> + <cvename>CVE-2016-2801</cvename> + <cvename>CVE-2016-2802</cvename> + </references> + <dates> + <discovery>2016-03-08</discovery> + <entry>2016-03-08</entry> + </dates> + </vuln> + + <vuln vid="c4292768-5273-4f17-a267-c5fe35125ce4"> + <topic>NSS -- multiple vulnerabilities</topic> + <affects> + <package> + <name>nss</name> + <name>linux-c6-nss</name> + <range><ge>3.20</ge><lt>3.21.1</lt></range> + <range><lt>3.19.2.3</lt></range> + </package> + <package> + <name>linux-firefox</name> + <range><lt>45.0,1</lt></range> + </package> + <package> + <name>linux-thunderbird</name> + <range><lt>38.7.0</lt></range> + </package> + <package> + <name>linux-seamonkey</name> + <range><lt>2.42</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Mozilla Foundation reports:</p> + <blockquote cite="https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/">; + <p>Security researcher Francis Gabriel reported a heap-based + buffer overflow in the way the Network Security Services + (NSS) libraries parsed certain ASN.1 structures. An attacker + could create a specially-crafted certificate which, when + parsed by NSS, would cause it to crash or execute arbitrary + code with the permissions of the user.</p> + </blockquote> + <blockquote cite="https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/">; + <p>Mozilla developer Tim Taubert used the Address Sanitizer + tool and software fuzzing to discover a use-after-free + vulnerability while processing DER encoded keys in the + Network Security Services (NSS) libraries. The vulnerability + overwrites the freed memory with zeroes.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2016-1950</cvename> + <cvename>CVE-2016-1979</cvename> + <url>https://www.mozilla.org/security/advisories/mfsa2016-35/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-36/</url>; + <url>https://hg.mozilla.org/projects/nss/rev/b9a31471759d</url>; + <url>https://hg.mozilla.org/projects/nss/rev/7033b1193c94</url>; + </references> + <dates> + <discovery>2016-03-08</discovery> + <entry>2016-03-08</entry> + </dates> + </vuln> + + <vuln vid="75091516-6f4b-4059-9884-6727023dc366"> + <topic>NSS -- multiple vulnerabilities</topic> + <affects> + <package> + <name>nss</name> + <name>linux-c6-nss</name> + <range><lt>3.21</lt></range> + </package> + <package> + <name>linux-firefox</name> + <range><lt>44.0,1</lt></range> + </package> + <package> + <name>linux-seamonkey</name> + <range><lt>2.41</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Mozilla Foundation reports:</p> + <blockquote cite="https://www.mozilla.org/en-US/security/advisories/mfsa2016-07/">; + <p>Security researcher Hanno Böck reported that calculations + with mp_div and mp_exptmod in Network Security Services + (NSS) can produce wrong results in some circumstances. These + functions are used within NSS for a variety of cryptographic + division functions, leading to potential cryptographic + weaknesses.</p> + </blockquote> + <blockquote cite="https://www.mozilla.org/en-US/security/advisories/mfsa2016-15/">; + <p>Mozilla developer Eric Rescorla reported that a failed + allocation during DHE and ECDHE handshakes would lead to a + use-after-free vulnerability.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2016-1938</cvename> + <cvename>CVE-2016-1978</cvename> + <url>https://www.mozilla.org/security/advisories/mfsa2016-07/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-15/</url>; + <url>https://hg.mozilla.org/projects/nss/rev/a555bf0fc23a</url>; + <url>https://hg.mozilla.org/projects/nss/rev/a245a4ccd354</url>; + </references> + <dates> + <discovery>2016-01-26</discovery> + <entry>2016-03-08</entry> + </dates> + </vuln> + <vuln vid="f9e6c0d1-e4cc-11e5-b2bd-002590263bf5"> <topic>django -- multiple vulnerabilies</topic> <affects> @@ -1903,6 +2189,10 @@ Notes: <name>silgraphite</name> <range><lt>2.3.1_4</lt></range> </package> + <package> + <name>linux-thunderbird</name> + <range><lt>38.6.0</lt></range> + </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; @@ -1926,6 +2216,7 @@ Notes: <references> <url>http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html</url>; <url>http://www.talosintel.com/reports/TALOS-2016-0061/</url>; + <url>https://www.mozilla.org/security/advisories/mfsa2016-14/</url>; <cvename>CVE-2016-1521</cvename> <cvename>CVE-2016-1522</cvename> <cvename>CVE-2016-1523</cvename> @@ -1934,7 +2225,7 @@ Notes: <dates> <discovery>2016-02-05</discovery> <entry>2016-02-09</entry> - <modified>2016-03-02</modified> + <modified>2016-03-08</modified> </dates> </vuln> @@ -2533,8 +2824,6 @@ Notes: set in cookie names</p> <p>MFSA 2016-06 Missing delay following user click events in protocol handler dialog</p> - <p>MFSA 2016-07 Errors in mp_div and mp_exptmod - cryptographic functions in NSS</p> <p>MFSA 2016-09 Addressbar spoofing attacks</p> <p>MFSA 2016-10 Unsafe memory manipulation found through code inspection</p> @@ -2550,7 +2839,6 @@ Notes: <cvename>CVE-2016-1933</cvename> <cvename>CVE-2016-1935</cvename> <cvename>CVE-2016-1937</cvename> - <cvename>CVE-2016-1938</cvename> <cvename>CVE-2016-1939</cvename> <cvename>CVE-2016-1942</cvename> <cvename>CVE-2016-1943</cvename> @@ -2563,7 +2851,6 @@ Notes: <url>https://www.mozilla.org/security/advisories/mfsa2016-03/</url>; <url>https://www.mozilla.org/security/advisories/mfsa2016-04/</url>; <url>https://www.mozilla.org/security/advisories/mfsa2016-06/</url>; - <url>https://www.mozilla.org/security/advisories/mfsa2016-07/</url>; <url>https://www.mozilla.org/security/advisories/mfsa2016-09/</url>; <url>https://www.mozilla.org/security/advisories/mfsa2016-10/</url>; <url>https://www.mozilla.org/security/advisories/mfsa2016-11/</url>; @@ -2571,6 +2858,7 @@ Notes: <dates> <discovery>2016-01-26</discovery> <entry>2016-02-01</entry> + <modified>2016-03-08</modified> </dates> </vuln>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201603081945.u28JjBNV098210>