ALT-BU-2014-3104-1
Branch t7 update bulletin.
Package NetworkManager-applet-gtk updated to version 0.9.8.10-alt1.M70P.3.git20141027 for branch t7 in task 134513.
Closed bugs
Проблема с ModemManager, слетают настройки мобильного интернета, вылетает аплет NM
Package thunderbird updated to version 31.2.0-alt0.M70P.1 for branch t7 in task 134513.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-1587
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:1266
- openSUSE-SU-2015:1266
- DSA-3090
- DSA-3090
- DSA-3092
- DSA-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-83.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-83.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- 71391
- 71391
- https://bugzilla.mozilla.org/show_bug.cgi?id=1042567
- https://bugzilla.mozilla.org/show_bug.cgi?id=1042567
- https://bugzilla.mozilla.org/show_bug.cgi?id=1072847
- https://bugzilla.mozilla.org/show_bug.cgi?id=1072847
- https://bugzilla.mozilla.org/show_bug.cgi?id=1079729
- https://bugzilla.mozilla.org/show_bug.cgi?id=1079729
- https://bugzilla.mozilla.org/show_bug.cgi?id=1080312
- https://bugzilla.mozilla.org/show_bug.cgi?id=1080312
- https://bugzilla.mozilla.org/show_bug.cgi?id=1089207
- https://bugzilla.mozilla.org/show_bug.cgi?id=1089207
- GLSA-201504-01
- GLSA-201504-01
Modified: 2024-11-21
CVE-2014-1590
The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:1266
- openSUSE-SU-2015:1266
- DSA-3090
- DSA-3090
- DSA-3092
- DSA-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-85.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-85.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- 71397
- 71397
- https://bugzilla.mozilla.org/show_bug.cgi?id=1087633
- https://bugzilla.mozilla.org/show_bug.cgi?id=1087633
- GLSA-201504-01
- GLSA-201504-01
Modified: 2024-11-21
CVE-2014-1592
Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:1266
- openSUSE-SU-2015:1266
- DSA-3090
- DSA-3090
- DSA-3092
- DSA-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-87.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-87.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- 71398
- 71398
- https://bugzilla.mozilla.org/show_bug.cgi?id=1088635
- https://bugzilla.mozilla.org/show_bug.cgi?id=1088635
- GLSA-201504-01
- GLSA-201504-01
Modified: 2024-11-21
CVE-2014-1593
Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:1266
- openSUSE-SU-2015:1266
- DSA-3090
- DSA-3090
- DSA-3092
- DSA-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-88.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-88.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- 71395
- 71395
- https://bugzilla.mozilla.org/show_bug.cgi?id=1085175
- https://bugzilla.mozilla.org/show_bug.cgi?id=1085175
- GLSA-201504-01
- GLSA-201504-01
Modified: 2024-11-21
CVE-2014-1594
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:1266
- openSUSE-SU-2015:1266
- DSA-3090
- DSA-3090
- DSA-3092
- DSA-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-89.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-89.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- 71396
- 71396
- https://bugzilla.mozilla.org/show_bug.cgi?id=1074280
- https://bugzilla.mozilla.org/show_bug.cgi?id=1074280
- GLSA-201504-01
- GLSA-201504-01
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
Package adobe-flash-player updated to version 11-alt35 for branch t7 in task 134581.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-0573
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0588 and CVE-2014-8438.
Modified: 2024-11-21
CVE-2014-0574
Double free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors.
- http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
- http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
- http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
- http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- https://code.google.com/p/chromium/issues/detail?id=423703
- https://code.google.com/p/chromium/issues/detail?id=423703
Modified: 2024-11-21
CVE-2014-0576
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0581, CVE-2014-8440, and CVE-2014-8441.
Modified: 2024-11-21
CVE-2014-0577
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
Modified: 2024-11-21
CVE-2014-0581
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-8440, and CVE-2014-8441.
Modified: 2024-11-21
CVE-2014-0582
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0589.
Modified: 2024-11-21
CVE-2014-0583
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to complete a transition from Low Integrity to Medium Integrity via unspecified vectors.
Modified: 2024-11-21
CVE-2014-0584
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0585, CVE-2014-0586, and CVE-2014-0590.
Modified: 2024-11-21
CVE-2014-0585
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0586, and CVE-2014-0590.
Modified: 2024-11-21
CVE-2014-0586
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0590.
Modified: 2024-11-21
CVE-2014-0588
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-8438.
- http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
- http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- 20141112 Adobe Flash Player Byte Array Uncompress Use-after-Free Vulnerability
- 20141112 Adobe Flash Player Byte Array Uncompress Use-after-Free Vulnerability
Modified: 2024-11-21
CVE-2014-0589
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0582.
Modified: 2024-11-21
CVE-2014-0590
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0586.
Modified: 2024-11-21
CVE-2014-8437
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow remote attackers to discover session tokens via unspecified vectors.
Modified: 2024-11-21
CVE-2014-8438
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-0588.
Modified: 2024-11-21
CVE-2014-8440
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8441.
- http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
- http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- 71047
- 71047
- adobe-flash-cve20148440-code-exec(98615)
- adobe-flash-cve20148440-code-exec(98615)
- 36880
- 36880
- 20141112 Adobe Flash Player Byte Array Uncompress Uninitialized Memory Corruption Vulnerability
- 20141112 Adobe Flash Player Byte Array Uncompress Uninitialized Memory Corruption Vulnerability
Modified: 2024-11-21
CVE-2014-8441
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8440.
Modified: 2024-11-21
CVE-2014-8442
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to complete a transition from Low Integrity to Medium Integrity by leveraging incorrect permissions.