ALT-PU-2014-2301-1
Package thunderbird updated to version 31.2.0-alt1 for branch sisyphus in task 133025.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2014-1587
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:1266
- openSUSE-SU-2015:1266
- DSA-3090
- DSA-3090
- DSA-3092
- DSA-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-83.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-83.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- 71391
- 71391
- https://bugzilla.mozilla.org/show_bug.cgi?id=1042567
- https://bugzilla.mozilla.org/show_bug.cgi?id=1042567
- https://bugzilla.mozilla.org/show_bug.cgi?id=1072847
- https://bugzilla.mozilla.org/show_bug.cgi?id=1072847
- https://bugzilla.mozilla.org/show_bug.cgi?id=1079729
- https://bugzilla.mozilla.org/show_bug.cgi?id=1079729
- https://bugzilla.mozilla.org/show_bug.cgi?id=1080312
- https://bugzilla.mozilla.org/show_bug.cgi?id=1080312
- https://bugzilla.mozilla.org/show_bug.cgi?id=1089207
- https://bugzilla.mozilla.org/show_bug.cgi?id=1089207
- GLSA-201504-01
- GLSA-201504-01
Modified: 2024-11-21
CVE-2014-1590
The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:1266
- openSUSE-SU-2015:1266
- DSA-3090
- DSA-3090
- DSA-3092
- DSA-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-85.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-85.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- 71397
- 71397
- https://bugzilla.mozilla.org/show_bug.cgi?id=1087633
- https://bugzilla.mozilla.org/show_bug.cgi?id=1087633
- GLSA-201504-01
- GLSA-201504-01
Modified: 2024-11-21
CVE-2014-1592
Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:1266
- openSUSE-SU-2015:1266
- DSA-3090
- DSA-3090
- DSA-3092
- DSA-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-87.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-87.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- 71398
- 71398
- https://bugzilla.mozilla.org/show_bug.cgi?id=1088635
- https://bugzilla.mozilla.org/show_bug.cgi?id=1088635
- GLSA-201504-01
- GLSA-201504-01
Modified: 2024-11-21
CVE-2014-1593
Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:1266
- openSUSE-SU-2015:1266
- DSA-3090
- DSA-3090
- DSA-3092
- DSA-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-88.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-88.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- 71395
- 71395
- https://bugzilla.mozilla.org/show_bug.cgi?id=1085175
- https://bugzilla.mozilla.org/show_bug.cgi?id=1085175
- GLSA-201504-01
- GLSA-201504-01
Modified: 2024-11-21
CVE-2014-1594
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:0138
- openSUSE-SU-2015:1266
- openSUSE-SU-2015:1266
- DSA-3090
- DSA-3090
- DSA-3092
- DSA-3092
- http://www.mozilla.org/security/announce/2014/mfsa2014-89.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-89.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- 71396
- 71396
- https://bugzilla.mozilla.org/show_bug.cgi?id=1074280
- https://bugzilla.mozilla.org/show_bug.cgi?id=1074280
- GLSA-201504-01
- GLSA-201504-01
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.