Branch t7 update bulletin.

Package nginx updated to version 1.4.4-alt0.M70P.1 for branch t7 in task 109073.

Published: 2013-11-23
Modified: 2024-11-21

CVE-2013-4547

nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.

Severity: HIGH (7.5)

References:

[FR] WebM MIME type

CVE-2013-4547 в nginx

Package nspr updated to version 4.10.2-alt1 for branch t7 in task 109073.

Published: 2013-11-20
Modified: 2024-11-21

CVE-2013-5607

Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.

Severity: HIGH (7.5)

References:

Version: 2.1.0

Branch t7 update on 2013-11-24

ALT-BU-2013-1391-1

ALT-PU-2013-1169-1

Closed vulnerabilities

CVE-2013-4547

Closed bugs

Bug #28550

Bug #29604

ALT-PU-2013-1170-1

Closed vulnerabilities

CVE-2013-5607