diff options
| author | jbeich <jbeich@FreeBSD.org> | 2015-08-28 20:34:31 +0800 |
|---|---|---|
| committer | jbeich <jbeich@FreeBSD.org> | 2015-08-28 20:34:31 +0800 |
| commit | a2ac2effbbfef39bf0200c933c2fd7ab62c0c4b0 (patch) | |
| tree | d0ab1d80d583a5489b2d124216866928483f7680 /security | |
| parent | 6f3e2a2709b35068932c98852d98b7ec539b98b1 (diff) | |
| download | freebsd-ports-gnome-a2ac2effbbfef39bf0200c933c2fd7ab62c0c4b0.tar.gz freebsd-ports-gnome-a2ac2effbbfef39bf0200c933c2fd7ab62c0c4b0.tar.zst freebsd-ports-gnome-a2ac2effbbfef39bf0200c933c2fd7ab62c0c4b0.zip | |
Document recent mozilla vulnerabilities
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 51e78af25a15..877faf7422c8 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,44 @@ Notes: --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="237a201c-888b-487f-84d3-7d92266381d6"> + <topic>mozilla -- multiple vulnerabilities</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>40.0.3,1</lt></range> + </package> + <package> + <name>linux-firefox</name> + <range><lt>40.0.3,1</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>38.2.1,1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The Mozilla Project reports:</p> + <blockquote cite="https://www.mozilla.org/en-US/security/advisories/"> + <p>MFSA 2015-95 Add-on notification bypass through data URLs</p> + <p>MFSA 2015-94 Use-after-free when resizing canvas element + during restyling</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2015-4497</cvename> + <cvename>CVE-2015-4498</cvename> + <url>https://www.mozilla.org/security/advisories/mfsa2015-94/</url> + <url>https://www.mozilla.org/security/advisories/mfsa2015-95/</url> + </references> + <dates> + <discovery>2015-08-27</discovery> + <entry>2015-08-28</entry> + </dates> + </vuln> + <vuln vid="4464212e-4acd-11e5-934b-002590263bf5"> <topic>go -- multiple vulnerabilities</topic> <affects> @@ -7756,6 +7794,8 @@ Notes: <p>MFSA-2015-57 Privilege escalation through IPC channel messages</p> <p>MFSA-2015-58 Mozilla Windows updater can be run outside of application directory</p> + <p>MFSA 2015-93 Integer overflows in libstagefright while processing + MP4 video metadata</p> </blockquote> </body> </description> @@ -7775,6 +7815,7 @@ Notes: <cvename>CVE-2015-2717</cvename> <cvename>CVE-2015-2718</cvename> <cvename>CVE-2015-2720</cvename> + <cvename>CVE-2015-4496</cvename> <url>https://www.mozilla.org/security/advisories/mfsa2015-46/</url> <url>https://www.mozilla.org/security/advisories/mfsa2015-47/</url> <url>https://www.mozilla.org/security/advisories/mfsa2015-48/</url> @@ -7788,10 +7829,12 @@ Notes: <url>https://www.mozilla.org/security/advisories/mfsa2015-56/</url> <url>https://www.mozilla.org/security/advisories/mfsa2015-57/</url> <url>https://www.mozilla.org/security/advisories/mfsa2015-58/</url> + <url>https://www.mozilla.org/security/advisories/mfsa2015-93/</url> </references> <dates> <discovery>2015-05-12</discovery> <entry>2015-05-12</entry> + <modified>2015-08-28</modified> </dates> </vuln> |