lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20140723195045.GA3280@pisco.westfalen.local>
Date: Wed, 23 Jul 2014 21:50:45 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 2986-1] iceweasel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2986-1                   security@...ian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
July 23, 2014                          http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : iceweasel
CVE ID         : CVE-2014-1544 CVE-2014-1547 CVE-2014-1555 CVE-2014-1556 
                 CVE-2014-1557

Multiple security issues have been found in Iceweasel, Debian's version
of the Mozilla Firefox web browser:  Multiple memory safety errors and 
use-after-frees may lead to the execution of arbitrary code or denial
of service.

For the stable distribution (wheezy), these problems have been fixed in
version 24.7.0esr-1~deb7u1.

For the unstable distribution (sid), these problems have been fixed in
version 31.0-1.

We recommend that you upgrade your iceweasel packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJT0BF5AAoJEBDCk7bDfE42v/8QAINs0APbnlMu/Tp3dQwTkmdS
3B2dCvWpn+r0Ogzk56nHYt0+rjJXw9LzjMqLpi+AiZj3Uo3HGctxrKw57qD4jVtv
XulXGgyccovLm1rzNlgH9ZyBv/cXR88azIhBfSp8BWleU3XJ/weneKVKiNKknNwm
u3BI19lYMolT37RpeHiZSt5NWJr8EG5LR/lY9SjxgCc3cGKgRSHgl2RYGFVq+Ril
Dr0A2+HeAcRoI1tRCkWqHd6ZP1M/3b9HcQ7UTsWmUGR60002gmDMsixzipAxL09K
UEoUNonlJuOxGkXtRGtG1wpCvuXeY2Km4tjqMhVNlxx4/FzXFknwEWJXeCkrVAhY
tTLXLbXwVKK/LWnKbjM7//a7bPGtnh9+EsjgbrkSQI7RqiAY+ah//EMb6C5TaQYa
O6aAKxfNg0BjH2xZd4e4HV+pMSlOdLmKXUUkCRdsY3baaDrI7BRkIIrXZBdAYZqb
xJJCHXxP+eILSY8R2BO/w4tDG8SjZHMAwhcYQcSN75kIbzVegJ9ij63++mRPuCy/
1fl3XJKDK8qkyxvgt/fYgvrxENiyGxfT05kz/+QMc8h4ZuzL0I4krlRZU41bjcsz
PRpZrMetO3xtl9+WqRhw2V3nklKXEs1E96nGfeXkVmT2KHbDawnPP1LvzGouNffT
Eo3e69x2VFbISAK/A2BD
=3uzz
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ