Hello community,
here is the log from the commit of package patchinfo.4615 for
openSUSE:13.1:Update checked in at 2016-03-26 13:43:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.4615 (Old)
and /work/SRC/openSUSE:13.1:Update/.patchinfo.4615.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.4615"
Changes:
--------
New Changes file:
NO CHANGES FILE!!!
New:
----
_patchinfo
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo>
<issue id="969894" tracker="bnc">VUL-0: MozillaFirefox 45 security
release</issue>
<issue id="CVE-2015-7207" tracker="cve" />
<issue id="CVE-2016-1962" tracker="cve" />
<issue id="CVE-2016-1960" tracker="cve" />
<issue id="CVE-2016-1961" tracker="cve" />
<issue id="CVE-2016-2798" tracker="cve" />
<issue id="CVE-2016-2799" tracker="cve" />
<issue id="CVE-2016-1964" tracker="cve" />
<issue id="CVE-2016-1965" tracker="cve" />
<issue id="CVE-2016-2794" tracker="cve" />
<issue id="CVE-2016-1966" tracker="cve" />
<issue id="CVE-2016-2796" tracker="cve" />
<issue id="CVE-2016-2797" tracker="cve" />
<issue id="CVE-2016-2790" tracker="cve" />
<issue id="CVE-2016-2791" tracker="cve" />
<issue id="CVE-2016-2792" tracker="cve" />
<issue id="CVE-2016-2793" tracker="cve" />
<issue id="CVE-2015-4477" tracker="cve" />
<issue id="CVE-2016-2795" tracker="cve" />
<issue id="CVE-2016-1958" tracker="cve" />
<issue id="CVE-2016-1957" tracker="cve" />
<issue id="CVE-2016-1954" tracker="cve" />
<issue id="CVE-2016-1952" tracker="cve" />
<issue id="CVE-2016-1974" tracker="cve" />
<issue id="CVE-2016-1977" tracker="cve" />
<issue id="CVE-2016-2800" tracker="cve" />
<issue id="CVE-2016-2801" tracker="cve" />
<issue id="CVE-2016-2802" tracker="cve" />
<category>security</category>
<rating>important</rating>
<packager>wrosenauer</packager>
<description>
MozillaThunderbird was updated to 38.7.0 to fix the following issues:
* Update to Thunderbird 38.7.0 (boo#969894)
* MFSA 2015-81/CVE-2015-4477 (bmo#1179484)
Use-after-free in MediaStream playback
* MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
Same-origin policy violation using performance.getEntries and
history navigation
* MFSA 2016-16/CVE-2016-1952
Miscellaneous memory safety hazards
* MFSA 2016-17/CVE-2016-1954 (bmo#1243178)
Local file overwriting and potential privilege escalation through
CSP reports
* MFSA 2016-20/CVE-2016-1957 (bmo#1227052)
Memory leak in libstagefright when deleting an array during MP4
processing
* MFSA 2016-21/CVE-2016-1958 (bmo#1228754)
Displayed page address can be overridden
* MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)
Use-after-free in HTML5 string parser
* MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)
Use-after-free in SetBody
* MFSA 2016-25/CVE-2016-1962 (bmo#1240760)
Use-after-free when using multiple WebRTC data channels
* MFSA 2016-27/CVE-2016-1964 (bmo#1243335)
Use-after-free during XML transformations
* MFSA 2016-28/CVE-2016-1965 (bmo#1245264)
Addressbar spoofing though history navigation and Location protocol
property
* MFSA 2016-31/CVE-2016-1966 (bmo#1246054)
Memory corruption with malicious NPAPI plugin
* MFSA 2016-34/CVE-2016-1974 (bmo#1228103)
Out-of-bounds read in HTML parser following a failed allocation
* MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
Font vulnerabilities in the Graphite 2 library
</description>
<summary>Security update for MozillaThunderbird</summary>
</patchinfo>
