aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorflo <flo@FreeBSD.org>2013-09-19 06:40:57 +0800
committerflo <flo@FreeBSD.org>2013-09-19 06:40:57 +0800
commit27fddb1645b869e5ade4ba92241bb4cf7d22549e (patch)
tree424e8968903e2637d7f62a6c7e33ecfdbabacec0 /security
parente08654be8690a9ff28a3f4a4c82d16fa8db44667 (diff)
downloadfreebsd-ports-gnome-27fddb1645b869e5ade4ba92241bb4cf7d22549e.tar.gz
freebsd-ports-gnome-27fddb1645b869e5ade4ba92241bb4cf7d22549e.tar.zst
freebsd-ports-gnome-27fddb1645b869e5ade4ba92241bb4cf7d22549e.zip
- update firefox, thunderbird and libxul to 24.0
- update seamonkey to 2.21 - update firefox-esr to 17.0.9 - enable GSTREAMER by default for html5 with h264/aac/mp3 - WEBRTC is now always built - add PROFILE and TESTS options Security: 7dfed67b-20aa-11e3-b8d8-0025905a4771 In collaboration with: Jan Beich <jbeich@tormail.org>
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml106
1 files changed, 106 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 464bbbbdc6c0..6bc2e5581b17 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -51,6 +51,112 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="7dfed67b-20aa-11e3-b8d8-0025905a4771">
+ <topic>mozilla -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>firefox</name>
+ <range><gt>18.0,1</gt><lt>24.0,1</lt></range>
+ <range><lt>17.0.9,1</lt></range>
+ </package>
+ <package>
+ <name>linux-firefox</name>
+ <range><lt>17.0.9,1</lt></range>
+ </package>
+ <package>
+ <name>linux-seamonkey</name>
+ <range><lt>2.21</lt></range>
+ </package>
+ <package>
+ <name>linux-thunderbird</name>
+ <range><lt>17.0.9</lt></range>
+ </package>
+ <package>
+ <name>seamonkey</name>
+ <range><lt>2.21</lt></range>
+ </package>
+ <package>
+ <name>thunderbird</name>
+ <range><lt>24.0,1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The Mozilla Project reports:</p>
+ <blockquote cite="http://www.mozilla.org/security/known-vulnerabilities/">
+ <p> MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 /
+ rv:17.0.9)</p>
+ <p> MFSA 2013-77 Improper state in HTML5 Tree Builder with templates</p>
+ <p> MFSA 2013-78 Integer overflow in ANGLE library</p>
+ <p> MFSA 2013-79 Use-after-free in Animation Manager during stylesheet
+ cloning</p>
+ <p> MFSA 2013-80 NativeKey continues handling key messages after
+ widget is destroyed</p>
+ <p> MFSA 2013-81 Use-after-free with select element</p>
+ <p> MFSA 2013-82 Calling scope for new Javascript objects can lead to
+ memory corruption</p>
+ <p> MFSA 2013-83 Mozilla Updater does not lock MAR file after
+ signature verification</p>
+ <p> MFSA 2013-84 Same-origin bypass through symbolic links</p>
+ <p> MFSA 2013-85 Uninitialized data in IonMonkey</p>
+ <p> MFSA 2013-86 WebGL Information disclosure through OS X NVIDIA
+ graphic drivers</p>
+ <p> MFSA 2013-87 Shared object library loading from writable location</p>
+ <p> MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes</p>
+ <p> MFSA 2013-89 Buffer overflow with multi-column, lists, and floats</p>
+ <p> MFSA 2013-90 Memory corruption involving scrolling</p>
+ <p> MFSA 2013-91 User-defined properties on DOM proxies get the wrong
+ "this" object</p>
+ <p> MFSA 2013-92 GC hazard with default compartments and frame chain
+ restoration</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2013-1718</cvename>
+ <cvename>CVE-2013-1719</cvename>
+ <cvename>CVE-2013-1720</cvename>
+ <cvename>CVE-2013-1721</cvename>
+ <cvename>CVE-2013-1722</cvename>
+ <cvename>CVE-2013-1723</cvename>
+ <cvename>CVE-2013-1724</cvename>
+ <cvename>CVE-2013-1725</cvename>
+ <cvename>CVE-2013-1726</cvename>
+ <cvename>CVE-2013-1727</cvename>
+ <cvename>CVE-2013-1728</cvename>
+ <cvename>CVE-2013-1729</cvename>
+ <cvename>CVE-2013-1730</cvename>
+ <cvename>CVE-2013-1731</cvename>
+ <cvename>CVE-2013-1732</cvename>
+ <cvename>CVE-2013-1735</cvename>
+ <cvename>CVE-2013-1736</cvename>
+ <cvename>CVE-2013-1737</cvename>
+ <cvename>CVE-2013-1738</cvename>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-76.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-77.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-78.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-79.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-80.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-81.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-82.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-83.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-84.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-85.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-86.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-87.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-88.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-89.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-90.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-91.html</url>
+ <url>https://www.mozilla.org/security/announce/2013/mfsa2013-92.html</url>
+ <url>http://www.mozilla.org/security/known-vulnerabilities/</url>
+ </references>
+ <dates>
+ <discovery>2013-08-17</discovery>
+ <entry>2013-08-18</entry>
+ </dates>
+ </vuln>
+
<vuln vid="5bd6811f-1c75-11e3-ba72-98fc11cdc4f5">
<topic>linux-flashplugin -- multiple vulnerabilities</topic>
<affects>
generated by cgit (git 2.34.1) at 2025-01-21 22:47:06 +0800