drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Firefox und Thunderbird
Name: |
Mehrere Probleme in Firefox und Thunderbird |
|
ID: |
201512-10 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Do, 31. Dezember 2015, 12:28 |
|
Referenzen: |
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7200
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7205
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7203
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2742
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2740
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7220
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7198
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2738
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2736
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2706
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7217
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7215
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7191
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4515
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2729
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2734
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2730
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7222
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2808
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7193
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7204
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2721
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0813
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0811
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7212
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7213
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7207
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7210
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7189
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0801
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0799
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7218
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2722
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4495
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7183
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7187
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2733
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0810
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2743
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7211
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7182
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2735
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7197
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2737
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7195
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4514
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7181
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2741
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4513
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2731
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7219
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2739
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7196
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7223
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7214
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7199
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0807
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7192
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7201
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7208
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0798
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0808
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4000
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7221
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2727
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7188
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7202
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0816
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7194 |
|
Applikationen: |
Mozilla Firefox, Mozilla Thunderbird |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --XpRDq7uCl0xsJOXbBFJFSJPNdTggKRvli Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201512-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: Mozilla Products: Multiple vulnerabilities Date: December 30, 2015 Bugs: #545232, #554036, #556942, #564818, #568376 ID: 201512-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code.
Background ==========
Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/firefox < 38.5.0 >= 38.5.0 2 www-client/firefox-bin < 38.5.0 >= 38.5.0 3 mail-client/thunderbird < 38.5.0 >= 38.5.0 4 mail-client/thunderbird-bin < 38.5.0 >= 38.5.0 ------------------------------------------------------------------- 4 affected packages
Description ===========
Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE identifiers referenced below for details.
Impact ======
A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Firefox users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-38.5.0"
All Firefox-bin users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-38.5.0"
All Thunderbird users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-38.5.0"
All Thunderbird-bin users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-38.5.0"
References ==========
[ 1 ] CVE-2015-0798 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0798 [ 2 ] CVE-2015-0799 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0799 [ 3 ] CVE-2015-0801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0801 [ 4 ] CVE-2015-0802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0802 [ 5 ] CVE-2015-0803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0803 [ 6 ] CVE-2015-0804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0804 [ 7 ] CVE-2015-0805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0805 [ 8 ] CVE-2015-0806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0806 [ 9 ] CVE-2015-0807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0807 [ 10 ] CVE-2015-0808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0808 [ 11 ] CVE-2015-0810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0810 [ 12 ] CVE-2015-0811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0811 [ 13 ] CVE-2015-0812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0812 [ 14 ] CVE-2015-0813 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0813 [ 15 ] CVE-2015-0814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0814 [ 16 ] CVE-2015-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0815 [ 17 ] CVE-2015-0816 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0816 [ 18 ] CVE-2015-2706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2706 [ 19 ] CVE-2015-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2721 [ 20 ] CVE-2015-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2722 [ 21 ] CVE-2015-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2724 [ 22 ] CVE-2015-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2725 [ 23 ] CVE-2015-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2726 [ 24 ] CVE-2015-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2727 [ 25 ] CVE-2015-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2728 [ 26 ] CVE-2015-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2729 [ 27 ] CVE-2015-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2730 [ 28 ] CVE-2015-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2731 [ 29 ] CVE-2015-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2733 [ 30 ] CVE-2015-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2734 [ 31 ] CVE-2015-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2735 [ 32 ] CVE-2015-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2736 [ 33 ] CVE-2015-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2737 [ 34 ] CVE-2015-2738 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2738 [ 35 ] CVE-2015-2739 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2739 [ 36 ] CVE-2015-2740 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2740 [ 37 ] CVE-2015-2741 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2741 [ 38 ] CVE-2015-2742 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2742 [ 39 ] CVE-2015-2743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2743 [ 40 ] CVE-2015-2808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2808 [ 41 ] CVE-2015-4000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4000 [ 42 ] CVE-2015-4495 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4495 [ 43 ] CVE-2015-4513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4513 [ 44 ] CVE-2015-4514 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4514 [ 45 ] CVE-2015-4515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4515 [ 46 ] CVE-2015-4518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4518 [ 47 ] CVE-2015-7181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7181 [ 48 ] CVE-2015-7182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7182 [ 49 ] CVE-2015-7183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7183 [ 50 ] CVE-2015-7187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7187 [ 51 ] CVE-2015-7188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7188 [ 52 ] CVE-2015-7189 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7189 [ 53 ] CVE-2015-7191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7191 [ 54 ] CVE-2015-7192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7192 [ 55 ] CVE-2015-7193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7193 [ 56 ] CVE-2015-7194 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7194 [ 57 ] CVE-2015-7195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7195 [ 58 ] CVE-2015-7196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7196 [ 59 ] CVE-2015-7197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7197 [ 60 ] CVE-2015-7198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7198 [ 61 ] CVE-2015-7199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7199 [ 62 ] CVE-2015-7200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7200 [ 63 ] CVE-2015-7201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7201 [ 64 ] CVE-2015-7202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7202 [ 65 ] CVE-2015-7203 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7203 [ 66 ] CVE-2015-7204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7204 [ 67 ] CVE-2015-7205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7205 [ 68 ] CVE-2015-7207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7207 [ 69 ] CVE-2015-7208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7208 [ 70 ] CVE-2015-7210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7210 [ 71 ] CVE-2015-7211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7211 [ 72 ] CVE-2015-7212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7212 [ 73 ] CVE-2015-7213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7213 [ 74 ] CVE-2015-7214 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7214 [ 75 ] CVE-2015-7215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7215 [ 76 ] CVE-2015-7216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7216 [ 77 ] CVE-2015-7217 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7217 [ 78 ] CVE-2015-7218 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7218 [ 79 ] CVE-2015-7219 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7219 [ 80 ] CVE-2015-7220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7220 [ 81 ] CVE-2015-7221 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7221 [ 82 ] CVE-2015-7222 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7222 [ 83 ] CVE-2015-7223 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7223
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201512-10
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--XpRDq7uCl0xsJOXbBFJFSJPNdTggKRvli Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQEcBAEBCgAGBQJWg/j3AAoJEDkRiObnjK1y9VoH/1LVlFqlDtFI3qW4i1ZVu5tT aeGoxB1Z+mGrCs3arlDt3CC8VAR62nNcye9gbgClA4lAUKffLo+JSpxgmGwfiY1m xgocJLCF3LA9FM95vEsATL5cUgfDSeQkLMqWGDfWJxcC8RDdg1gzYypbjYOfcAib RQPBvM8GxyVrMQF9WNDvqy2D0Kpi2A15WMQQVHH+r1mAjZbeWTPUkJDbeG8BFbTu I01Yje+Q3NmbG5NNOBW32kfX86ob4W1AWc5H+RgFpzhsyDpS6IFTSP5H8uhyoxhu zt+l1FBPFnTFmATfR/Pp9NH/J6P7D2ThaW/6ZAVFz/g5Y+naYXQ2sGdYA++YBI4= =nOVt -----END PGP SIGNATURE-----
--XpRDq7uCl0xsJOXbBFJFSJPNdTggKRvli--
|
|
|
|