Debian: DSA-3050-1: iceweasel security update

    Date18 Oct 2014
    CategoryDebian
    23
    Posted ByLinuxSecurity Advisories
    Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service, the bypass of the
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-3050-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                        Moritz Muehlenhoff
    October 15, 2014                       http://www.debian.org/security/faq
    - -------------------------------------------------------------------------
    
    Package        : iceweasel
    CVE ID         : CVE-2014-1574 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 
                     CVE-2014-1581 CVE-2014-1583 CVE-2014-1585 CVE-2014-1586
    
    Multiple security issues have been found in Iceweasel, Debian's version 
    of the Mozilla Firefox web browser: Multiple memory safety errors, buffer
    overflows, use-after-frees and other implementation errors may lead to 
    the execution of arbitrary code, denial of service, the bypass of the
    same-origin policy or a loss of privacy.
    
    This update updates Iceweasel to the ESR31 series of Firefox. The new
    release introduces a new user interface.
    
    In addition, this update also disables SSLv3.
    
    For the stable distribution (wheezy), these problems have been fixed in
    version 31.2.0esr-2~deb7u1.
    
    For the unstable distribution (sid), these problems have been fixed in
    version 31.2.0esr-1.
    
    For the experimental distribution, these problems have been fixed in
    version 33.0-1.
    
    We recommend that you upgrade your iceweasel packages.
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    Do you read our distribution advisories on a regular basis?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    23
    radio
    [{"id":"84","title":"Yes, for a single distribution","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"85","title":"Yes, for multiple distributions","votes":"2","type":"x","order":"2","pct":50,"resources":[]},{"id":"86","title":"No","votes":"2","type":"x","order":"3","pct":50,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.