RedHat has issued an advisory today (March 18): https://rhn.redhat.com/errata/RHSA-2014-0310.html Updated packages uploaded for Mageia 3, Mageia 4, and Cauldron. Advisory: ======================== Updated firefox and thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running it (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514). Several information disclosure flaws were found in the way Firefox and Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Firefox or Thunderbird to crash (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505). A memory corruption flaw was found in the way Firefox and Thunderbird rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox or Thunderbird (CVE-2014-1509). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1493 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1497 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1505 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1508 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1509 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1510 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1511 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1512 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1514 https://www.mozilla.org/security/announce/2014/mfsa2014-15.html https://www.mozilla.org/security/announce/2014/mfsa2014-17.html https://www.mozilla.org/security/announce/2014/mfsa2014-26.html https://www.mozilla.org/security/announce/2014/mfsa2014-27.html https://www.mozilla.org/security/announce/2014/mfsa2014-28.html https://www.mozilla.org/security/announce/2014/mfsa2014-29.html https://www.mozilla.org/security/announce/2014/mfsa2014-30.html https://www.mozilla.org/security/announce/2014/mfsa2014-31.html https://www.mozilla.org/security/announce/2014/mfsa2014-32.html http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html https://rhn.redhat.com/errata/RHSA-2014-0310.html ======================== Updated packages in core/updates_testing: ======================== libnspr4-4.10.4-1.mga3 libnspr-devel-4.10.4-1.mga3 nss-3.15.5-1.mga3 nss-doc-3.15.5-1.mga3 libnss3-3.15.5-1.mga3 libnss-devel-3.15.5-1.mga3 libnss-static-devel-3.15.5-1.mga3 firefox-24.4.0-1.mga3 firefox-devel-24.4.0-1.mga3 firefox-af-24.4.0-1.mga3 firefox-ar-24.4.0-1.mga3 firefox-as-24.4.0-1.mga3 firefox-ast-24.4.0-1.mga3 firefox-be-24.4.0-1.mga3 firefox-bg-24.4.0-1.mga3 firefox-bn_IN-24.4.0-1.mga3 firefox-bn_BD-24.4.0-1.mga3 firefox-br-24.4.0-1.mga3 firefox-bs-24.4.0-1.mga3 firefox-ca-24.4.0-1.mga3 firefox-cs-24.4.0-1.mga3 firefox-csb-24.4.0-1.mga3 firefox-cy-24.4.0-1.mga3 firefox-da-24.4.0-1.mga3 firefox-de-24.4.0-1.mga3 firefox-el-24.4.0-1.mga3 firefox-en_GB-24.4.0-1.mga3 firefox-en_ZA-24.4.0-1.mga3 firefox-eo-24.4.0-1.mga3 firefox-es_AR-24.4.0-1.mga3 firefox-es_CL-24.4.0-1.mga3 firefox-es_ES-24.4.0-1.mga3 firefox-es_MX-24.4.0-1.mga3 firefox-et-24.4.0-1.mga3 firefox-eu-24.4.0-1.mga3 firefox-fa-24.4.0-1.mga3 firefox-ff-24.4.0-1.mga3 firefox-fi-24.4.0-1.mga3 firefox-fr-24.4.0-1.mga3 firefox-fy-24.4.0-1.mga3 firefox-ga_IE-24.4.0-1.mga3 firefox-gd-24.4.0-1.mga3 firefox-gl-24.4.0-1.mga3 firefox-gu_IN-24.4.0-1.mga3 firefox-he-24.4.0-1.mga3 firefox-hi-24.4.0-1.mga3 firefox-hr-24.4.0-1.mga3 firefox-hu-24.4.0-1.mga3 firefox-hy-24.4.0-1.mga3 firefox-id-24.4.0-1.mga3 firefox-is-24.4.0-1.mga3 firefox-it-24.4.0-1.mga3 firefox-ja-24.4.0-1.mga3 firefox-kk-24.4.0-1.mga3 firefox-ko-24.4.0-1.mga3 firefox-km-24.4.0-1.mga3 firefox-kn-24.4.0-1.mga3 firefox-ku-24.4.0-1.mga3 firefox-lg-24.4.0-1.mga3 firefox-lij-24.4.0-1.mga3 firefox-lt-24.4.0-1.mga3 firefox-lv-24.4.0-1.mga3 firefox-mai-24.4.0-1.mga3 firefox-mk-24.4.0-1.mga3 firefox-ml-24.4.0-1.mga3 firefox-mr-24.4.0-1.mga3 firefox-nb_NO-24.4.0-1.mga3 firefox-nl-24.4.0-1.mga3 firefox-nn_NO-24.4.0-1.mga3 firefox-nso-24.4.0-1.mga3 firefox-or-24.4.0-1.mga3 firefox-pa_IN-24.4.0-1.mga3 firefox-pl-24.4.0-1.mga3 firefox-pt_BR-24.4.0-1.mga3 firefox-pt_PT-24.4.0-1.mga3 firefox-ro-24.4.0-1.mga3 firefox-ru-24.4.0-1.mga3 firefox-si-24.4.0-1.mga3 firefox-sk-24.4.0-1.mga3 firefox-sl-24.4.0-1.mga3 firefox-sq-24.4.0-1.mga3 firefox-sr-24.4.0-1.mga3 firefox-sv_SE-24.4.0-1.mga3 firefox-ta-24.4.0-1.mga3 firefox-ta_LK-24.4.0-1.mga3 firefox-te-24.4.0-1.mga3 firefox-th-24.4.0-1.mga3 firefox-tr-24.4.0-1.mga3 firefox-uk-24.4.0-1.mga3 firefox-vi-24.4.0-1.mga3 firefox-zh_CN-24.4.0-1.mga3 firefox-zh_TW-24.4.0-1.mga3 firefox-zu-24.4.0-1.mga3 thunderbird-24.4.0-1.mga3 thunderbird-enigmail-24.4.0-1.mga3 nsinstall-24.4.0-1.mga3 thunderbird-ar-24.4.0-1.mga3 thunderbird-ast-24.4.0-1.mga3 thunderbird-be-24.4.0-1.mga3 thunderbird-bg-24.4.0-1.mga3 thunderbird-bn_BD-24.4.0-1.mga3 thunderbird-br-24.4.0-1.mga3 thunderbird-ca-24.4.0-1.mga3 thunderbird-cs-24.4.0-1.mga3 thunderbird-da-24.4.0-1.mga3 thunderbird-de-24.4.0-1.mga3 thunderbird-el-24.4.0-1.mga3 thunderbird-en_GB-24.4.0-1.mga3 thunderbird-es_AR-24.4.0-1.mga3 thunderbird-es_ES-24.4.0-1.mga3 thunderbird-et-24.4.0-1.mga3 thunderbird-eu-24.4.0-1.mga3 thunderbird-fi-24.4.0-1.mga3 thunderbird-fr-24.4.0-1.mga3 thunderbird-fy-24.4.0-1.mga3 thunderbird-ga-24.4.0-1.mga3 thunderbird-gd-24.4.0-1.mga3 thunderbird-gl-24.4.0-1.mga3 thunderbird-he-24.4.0-1.mga3 thunderbird-hr-24.4.0-1.mga3 thunderbird-hu-24.4.0-1.mga3 thunderbird-hy-24.4.0-1.mga3 thunderbird-id-24.4.0-1.mga3 thunderbird-is-24.4.0-1.mga3 thunderbird-it-24.4.0-1.mga3 thunderbird-ja-24.4.0-1.mga3 thunderbird-ko-24.4.0-1.mga3 thunderbird-lt-24.4.0-1.mga3 thunderbird-nb_NO-24.4.0-1.mga3 thunderbird-nl-24.4.0-1.mga3 thunderbird-nn_NO-24.4.0-1.mga3 thunderbird-pl-24.4.0-1.mga3 thunderbird-pa_IN-24.4.0-1.mga3 thunderbird-pt_BR-24.4.0-1.mga3 thunderbird-pt_PT-24.4.0-1.mga3 thunderbird-ro-24.4.0-1.mga3 thunderbird-ru-24.4.0-1.mga3 thunderbird-si-24.4.0-1.mga3 thunderbird-sk-24.4.0-1.mga3 thunderbird-sl-24.4.0-1.mga3 thunderbird-sq-24.4.0-1.mga3 thunderbird-sv_SE-24.4.0-1.mga3 thunderbird-ta_LK-24.4.0-1.mga3 thunderbird-tr-24.4.0-1.mga3 thunderbird-uk-24.4.0-1.mga3 thunderbird-vi-24.4.0-1.mga3 thunderbird-zh_CN-24.4.0-1.mga3 thunderbird-zh_TW-24.4.0-1.mga3 libnspr4-4.10.4-1.mga4 libnspr-devel-4.10.4-1.mga4 nss-3.15.5-1.mga4 nss-doc-3.15.5-1.mga4 libnss3-3.15.5-1.mga4 libnss-devel-3.15.5-1.mga4 libnss-static-devel-3.15.5-1.mga4 firefox-24.4.0-1.mga4 firefox-devel-24.4.0-1.mga4 firefox-af-24.4.0-1.mga4 firefox-ar-24.4.0-1.mga4 firefox-as-24.4.0-1.mga4 firefox-ast-24.4.0-1.mga4 firefox-be-24.4.0-1.mga4 firefox-bg-24.4.0-1.mga4 firefox-bn_IN-24.4.0-1.mga4 firefox-bn_BD-24.4.0-1.mga4 firefox-br-24.4.0-1.mga4 firefox-bs-24.4.0-1.mga4 firefox-ca-24.4.0-1.mga4 firefox-cs-24.4.0-1.mga4 firefox-csb-24.4.0-1.mga4 firefox-cy-24.4.0-1.mga4 firefox-da-24.4.0-1.mga4 firefox-de-24.4.0-1.mga4 firefox-el-24.4.0-1.mga4 firefox-en_GB-24.4.0-1.mga4 firefox-en_ZA-24.4.0-1.mga4 firefox-eo-24.4.0-1.mga4 firefox-es_AR-24.4.0-1.mga4 firefox-es_CL-24.4.0-1.mga4 firefox-es_ES-24.4.0-1.mga4 firefox-es_MX-24.4.0-1.mga4 firefox-et-24.4.0-1.mga4 firefox-eu-24.4.0-1.mga4 firefox-fa-24.4.0-1.mga4 firefox-ff-24.4.0-1.mga4 firefox-fi-24.4.0-1.mga4 firefox-fr-24.4.0-1.mga4 firefox-fy-24.4.0-1.mga4 firefox-ga_IE-24.4.0-1.mga4 firefox-gd-24.4.0-1.mga4 firefox-gl-24.4.0-1.mga4 firefox-gu_IN-24.4.0-1.mga4 firefox-he-24.4.0-1.mga4 firefox-hi-24.4.0-1.mga4 firefox-hr-24.4.0-1.mga4 firefox-hu-24.4.0-1.mga4 firefox-hy-24.4.0-1.mga4 firefox-id-24.4.0-1.mga4 firefox-is-24.4.0-1.mga4 firefox-it-24.4.0-1.mga4 firefox-ja-24.4.0-1.mga4 firefox-kk-24.4.0-1.mga4 firefox-ko-24.4.0-1.mga4 firefox-km-24.4.0-1.mga4 firefox-kn-24.4.0-1.mga4 firefox-ku-24.4.0-1.mga4 firefox-lg-24.4.0-1.mga4 firefox-lij-24.4.0-1.mga4 firefox-lt-24.4.0-1.mga4 firefox-lv-24.4.0-1.mga4 firefox-mai-24.4.0-1.mga4 firefox-mk-24.4.0-1.mga4 firefox-ml-24.4.0-1.mga4 firefox-mr-24.4.0-1.mga4 firefox-nb_NO-24.4.0-1.mga4 firefox-nl-24.4.0-1.mga4 firefox-nn_NO-24.4.0-1.mga4 firefox-nso-24.4.0-1.mga4 firefox-or-24.4.0-1.mga4 firefox-pa_IN-24.4.0-1.mga4 firefox-pl-24.4.0-1.mga4 firefox-pt_BR-24.4.0-1.mga4 firefox-pt_PT-24.4.0-1.mga4 firefox-ro-24.4.0-1.mga4 firefox-ru-24.4.0-1.mga4 firefox-si-24.4.0-1.mga4 firefox-sk-24.4.0-1.mga4 firefox-sl-24.4.0-1.mga4 firefox-sq-24.4.0-1.mga4 firefox-sr-24.4.0-1.mga4 firefox-sv_SE-24.4.0-1.mga4 firefox-ta-24.4.0-1.mga4 firefox-ta_LK-24.4.0-1.mga4 firefox-te-24.4.0-1.mga4 firefox-th-24.4.0-1.mga4 firefox-tr-24.4.0-1.mga4 firefox-uk-24.4.0-1.mga4 firefox-vi-24.4.0-1.mga4 firefox-zh_CN-24.4.0-1.mga4 firefox-zh_TW-24.4.0-1.mga4 firefox-zu-24.4.0-1.mga4 thunderbird-24.4.0-1.mga4 thunderbird-enigmail-24.4.0-1.mga4 nsinstall-24.4.0-1.mga4 thunderbird-ar-24.4.0-1.mga4 thunderbird-ast-24.4.0-1.mga4 thunderbird-be-24.4.0-1.mga4 thunderbird-bg-24.4.0-1.mga4 thunderbird-bn_BD-24.4.0-1.mga4 thunderbird-br-24.4.0-1.mga4 thunderbird-ca-24.4.0-1.mga4 thunderbird-cs-24.4.0-1.mga4 thunderbird-da-24.4.0-1.mga4 thunderbird-de-24.4.0-1.mga4 thunderbird-el-24.4.0-1.mga4 thunderbird-en_GB-24.4.0-1.mga4 thunderbird-es_AR-24.4.0-1.mga4 thunderbird-es_ES-24.4.0-1.mga4 thunderbird-et-24.4.0-1.mga4 thunderbird-eu-24.4.0-1.mga4 thunderbird-fi-24.4.0-1.mga4 thunderbird-fr-24.4.0-1.mga4 thunderbird-fy-24.4.0-1.mga4 thunderbird-ga-24.4.0-1.mga4 thunderbird-gd-24.4.0-1.mga4 thunderbird-gl-24.4.0-1.mga4 thunderbird-he-24.4.0-1.mga4 thunderbird-hr-24.4.0-1.mga4 thunderbird-hu-24.4.0-1.mga4 thunderbird-hy-24.4.0-1.mga4 thunderbird-id-24.4.0-1.mga4 thunderbird-is-24.4.0-1.mga4 thunderbird-it-24.4.0-1.mga4 thunderbird-ja-24.4.0-1.mga4 thunderbird-ko-24.4.0-1.mga4 thunderbird-lt-24.4.0-1.mga4 thunderbird-nb_NO-24.4.0-1.mga4 thunderbird-nl-24.4.0-1.mga4 thunderbird-nn_NO-24.4.0-1.mga4 thunderbird-pl-24.4.0-1.mga4 thunderbird-pa_IN-24.4.0-1.mga4 thunderbird-pt_BR-24.4.0-1.mga4 thunderbird-pt_PT-24.4.0-1.mga4 thunderbird-ro-24.4.0-1.mga4 thunderbird-ru-24.4.0-1.mga4 thunderbird-si-24.4.0-1.mga4 thunderbird-sk-24.4.0-1.mga4 thunderbird-sl-24.4.0-1.mga4 thunderbird-sq-24.4.0-1.mga4 thunderbird-sv_SE-24.4.0-1.mga4 thunderbird-ta_LK-24.4.0-1.mga4 thunderbird-tr-24.4.0-1.mga4 thunderbird-uk-24.4.0-1.mga4 thunderbird-vi-24.4.0-1.mga4 thunderbird-zh_CN-24.4.0-1.mga4 thunderbird-zh_TW-24.4.0-1.mga4 from SRPMS: nspr-4.10.4-1.mga3.src.rpm nss-3.15.5-1.mga3.src.rpm firefox-24.4.0-1.mga3.src.rpm firefox-l10n-24.4.0-1.mga3.src.rpm thunderbird-24.4.0-1.mga3.src.rpm thunderbird-l10n-24.4.0-1.mga3.src.rpm nspr-4.10.4-1.mga4.src.rpm nss-3.15.5-1.mga4.src.rpm firefox-24.4.0-1.mga4.src.rpm firefox-l10n-24.4.0-1.mga4.src.rpm thunderbird-24.4.0-1.mga4.src.rpm thunderbird-l10n-24.4.0-1.mga4.src.rpm Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA3TOO
rootcerts-20140318.00 has been uploaded which contains further fixes. nss is being rebuilt right now.
CC: (none) => oe
====================================================== Name: CVE-2014-1493 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1493 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-15.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=896268 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=958867 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=960145 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=963974 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=965982 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=967341 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=977538 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. ====================================================== Name: CVE-2014-1494 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1494 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-15.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=627295 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=909586 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=927579 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=932496 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=933219 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=938615 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=938626 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=949843 Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=964462 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. ====================================================== Name: CVE-2014-1496 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1496 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-16.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=925747 Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update. ====================================================== Name: CVE-2014-1497 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1497 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-17.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=966311 The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file. ====================================================== Name: CVE-2014-1498 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1498 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-18.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=935618 The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm. ====================================================== Name: CVE-2014-1499 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1499 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-19.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=961512 Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt. ====================================================== Name: CVE-2014-1500 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1500 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-20.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=956524 Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution. ====================================================== Name: CVE-2014-1501 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1501 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-21.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=960135 Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection. ====================================================== Name: CVE-2014-1502 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1502 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-22.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=972622 The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors. ====================================================== Name: CVE-2014-1504 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1504 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-23.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=911547 The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart. ====================================================== Name: CVE-2014-1505 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1505 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-28.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=941887 The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693. ====================================================== Name: CVE-2014-1506 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1506 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-24.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=944374 Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments. ====================================================== Name: CVE-2014-1507 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1507 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-25.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=940684 Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object. ====================================================== Name: CVE-2014-1508 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1508 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-26.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=963198 The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering. ====================================================== Name: CVE-2014-1509 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1509 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-27.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=966021 Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document. ====================================================== Name: CVE-2014-1510 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1510 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-29.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=982906 The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call. ====================================================== Name: CVE-2014-1511 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1511 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-29.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=982909 Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors. ====================================================== Name: CVE-2014-1512 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1512 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-30.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=982957 Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring. ====================================================== Name: CVE-2014-1513 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1513 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-31.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=982974 TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site. ====================================================== Name: CVE-2014-1514 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1514 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20140116 Category: Reference: CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-32.html Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=983344 vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
(In reply to Oden Eriksson from comment #1) > rootcerts-20140318.00 has been uploaded which contains further fixes. nss is > being rebuilt right now. I'm guessing you got this from here: https://hg.mozilla.org/projects/nss/log/default/lib/ckfw/builtins/certdata.txt In which case, the date should have been 0305, not 0318. Also, the update was unnecessary, because even though there's commits in the repository, they haven't been released in any nss release yet. When they are, it'll show up here: https://hg.mozilla.org/releases/mozilla-release/log/default/security/nss/lib/ckfw/builtins/certdata.txt
(In reply to Oden Eriksson from comment #1) > rootcerts-20140318.00 has been uploaded which contains further fixes. nss is > being rebuilt right now. Which gives us: rootcerts-20140318.00-1.mga3 rootcerts-java-20140318.00-1.mga3 nss-3.15.5-1.1.mga3 nss-doc-3.15.5-1.1.mga3 libnss3-3.15.5-1.1.mga3 libnss-devel-3.15.5-1.1.mga3 libnss-static-devel-3.15.5-1.1.mga3 rootcerts-20140318.00-1.mga4 rootcerts-java-20140318.00-1.mga4 nss-3.15.5-1.1.mga4 nss-doc-3.15.5-1.1.mga4 libnss3-3.15.5-1.1.mga4 libnss-devel-3.15.5-1.1.mga4 libnss-static-devel-3.15.5-1.1.mga4 from SRPMS: rootcerts-20140318.00-1.mga3.src.rpm nss-3.15.5-1.1.mga3.src.rpm rootcerts-20140318.00-1.mga4.src.rpm nss-3.15.5-1.1.mga4.src.rpm
No PoCs listed in any of the linked CVEs, so general testing: Tested mga4-64. Sunspider for javascript javatester for java plugin youtube video for flash general browsing Acid3 test. All as expected.
CC: (none) => wrw105Whiteboard: MGA3TOO => MGA3TOO mga4-64-ok
Also tested Thunderbird: Send/receive/move/delete on IMAP server. Modified an existing calendar entry through lightning. All As expected.
Mga3-64 tests Thunderbird and Firefox as comments 5 and 6. No regressions noted.
Whiteboard: MGA3TOO mga4-64-ok => MGA3TOO mga4-64-ok mga3-64-ok
Apologies for invalidating your testing Bill. nss 3.16 was released yesterday, fixing one more CVE. Working on the update now.
Whiteboard: MGA3TOO mga4-64-ok mga3-64-ok => MGA3TOO feedback
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes rootcerts-20140318.00 = "The built-in roots module has been updated to version 1.97, which adds, removes, and distrusts several certificates."
(In reply to Oden Eriksson from comment #9) > https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes > > rootcerts-20140318.00 = "The built-in roots module has been updated to > version 1.97, which adds, removes, and distrusts several certificates." So are they not keeping them in mercurial now? Where is it now? Where did you get the new certdata.txt?
Looking at nssckbi.h in HG, in nss I see an update on January 24 that matches up with what Fedora just committed for the nss 3.16 update in ca-certificates (so actually 20140124 is the correct version), but it doesn't show that update in HG in mozilla-release. *facepalm*
Advisory: ======================== Updated nss, firefox, and thunderbird packages fix security vulnerabilities: In the NSS library before version 3.16, in a wildcard certificate, the wildcard character was embedded within the U-label of an internationalized domain name, which is not in accordance with RFC 6125 (CVE-2014-1492). Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running it (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514). Several information disclosure flaws were found in the way Firefox and Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Firefox or Thunderbird to crash (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505). A memory corruption flaw was found in the way Firefox and Thunderbird rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox or Thunderbird (CVE-2014-1509). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1493 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1497 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1505 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1508 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1509 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1510 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1511 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1512 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1514 https://www.mozilla.org/security/announce/2014/mfsa2014-15.html https://www.mozilla.org/security/announce/2014/mfsa2014-17.html https://www.mozilla.org/security/announce/2014/mfsa2014-26.html https://www.mozilla.org/security/announce/2014/mfsa2014-27.html https://www.mozilla.org/security/announce/2014/mfsa2014-28.html https://www.mozilla.org/security/announce/2014/mfsa2014-29.html https://www.mozilla.org/security/announce/2014/mfsa2014-30.html https://www.mozilla.org/security/announce/2014/mfsa2014-31.html https://www.mozilla.org/security/announce/2014/mfsa2014-32.html https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html https://rhn.redhat.com/errata/RHSA-2014-0310.html ======================== Updated packages in core/updates_testing: ======================== rootcerts-20140318.00-1.mga3 rootcerts-java-20140318.00-1.mga3 libnspr4-4.10.4-1.mga3 libnspr-devel-4.10.4-1.mga3 nss-3.16.0-1.mga3 nss-doc-3.16.0-1.mga3 libnss3-3.16.0-1.mga3 libnss-devel-3.16.0-1.mga3 libnss-static-devel-3.16.0-1.mga3 firefox-24.4.0-1.mga3 firefox-devel-24.4.0-1.mga3 firefox-af-24.4.0-1.mga3 firefox-ar-24.4.0-1.mga3 firefox-as-24.4.0-1.mga3 firefox-ast-24.4.0-1.mga3 firefox-be-24.4.0-1.mga3 firefox-bg-24.4.0-1.mga3 firefox-bn_IN-24.4.0-1.mga3 firefox-bn_BD-24.4.0-1.mga3 firefox-br-24.4.0-1.mga3 firefox-bs-24.4.0-1.mga3 firefox-ca-24.4.0-1.mga3 firefox-cs-24.4.0-1.mga3 firefox-csb-24.4.0-1.mga3 firefox-cy-24.4.0-1.mga3 firefox-da-24.4.0-1.mga3 firefox-de-24.4.0-1.mga3 firefox-el-24.4.0-1.mga3 firefox-en_GB-24.4.0-1.mga3 firefox-en_ZA-24.4.0-1.mga3 firefox-eo-24.4.0-1.mga3 firefox-es_AR-24.4.0-1.mga3 firefox-es_CL-24.4.0-1.mga3 firefox-es_ES-24.4.0-1.mga3 firefox-es_MX-24.4.0-1.mga3 firefox-et-24.4.0-1.mga3 firefox-eu-24.4.0-1.mga3 firefox-fa-24.4.0-1.mga3 firefox-ff-24.4.0-1.mga3 firefox-fi-24.4.0-1.mga3 firefox-fr-24.4.0-1.mga3 firefox-fy-24.4.0-1.mga3 firefox-ga_IE-24.4.0-1.mga3 firefox-gd-24.4.0-1.mga3 firefox-gl-24.4.0-1.mga3 firefox-gu_IN-24.4.0-1.mga3 firefox-he-24.4.0-1.mga3 firefox-hi-24.4.0-1.mga3 firefox-hr-24.4.0-1.mga3 firefox-hu-24.4.0-1.mga3 firefox-hy-24.4.0-1.mga3 firefox-id-24.4.0-1.mga3 firefox-is-24.4.0-1.mga3 firefox-it-24.4.0-1.mga3 firefox-ja-24.4.0-1.mga3 firefox-kk-24.4.0-1.mga3 firefox-ko-24.4.0-1.mga3 firefox-km-24.4.0-1.mga3 firefox-kn-24.4.0-1.mga3 firefox-ku-24.4.0-1.mga3 firefox-lg-24.4.0-1.mga3 firefox-lij-24.4.0-1.mga3 firefox-lt-24.4.0-1.mga3 firefox-lv-24.4.0-1.mga3 firefox-mai-24.4.0-1.mga3 firefox-mk-24.4.0-1.mga3 firefox-ml-24.4.0-1.mga3 firefox-mr-24.4.0-1.mga3 firefox-nb_NO-24.4.0-1.mga3 firefox-nl-24.4.0-1.mga3 firefox-nn_NO-24.4.0-1.mga3 firefox-nso-24.4.0-1.mga3 firefox-or-24.4.0-1.mga3 firefox-pa_IN-24.4.0-1.mga3 firefox-pl-24.4.0-1.mga3 firefox-pt_BR-24.4.0-1.mga3 firefox-pt_PT-24.4.0-1.mga3 firefox-ro-24.4.0-1.mga3 firefox-ru-24.4.0-1.mga3 firefox-si-24.4.0-1.mga3 firefox-sk-24.4.0-1.mga3 firefox-sl-24.4.0-1.mga3 firefox-sq-24.4.0-1.mga3 firefox-sr-24.4.0-1.mga3 firefox-sv_SE-24.4.0-1.mga3 firefox-ta-24.4.0-1.mga3 firefox-ta_LK-24.4.0-1.mga3 firefox-te-24.4.0-1.mga3 firefox-th-24.4.0-1.mga3 firefox-tr-24.4.0-1.mga3 firefox-uk-24.4.0-1.mga3 firefox-vi-24.4.0-1.mga3 firefox-zh_CN-24.4.0-1.mga3 firefox-zh_TW-24.4.0-1.mga3 firefox-zu-24.4.0-1.mga3 thunderbird-24.4.0-1.mga3 thunderbird-enigmail-24.4.0-1.mga3 nsinstall-24.4.0-1.mga3 thunderbird-ar-24.4.0-1.mga3 thunderbird-ast-24.4.0-1.mga3 thunderbird-be-24.4.0-1.mga3 thunderbird-bg-24.4.0-1.mga3 thunderbird-bn_BD-24.4.0-1.mga3 thunderbird-br-24.4.0-1.mga3 thunderbird-ca-24.4.0-1.mga3 thunderbird-cs-24.4.0-1.mga3 thunderbird-da-24.4.0-1.mga3 thunderbird-de-24.4.0-1.mga3 thunderbird-el-24.4.0-1.mga3 thunderbird-en_GB-24.4.0-1.mga3 thunderbird-es_AR-24.4.0-1.mga3 thunderbird-es_ES-24.4.0-1.mga3 thunderbird-et-24.4.0-1.mga3 thunderbird-eu-24.4.0-1.mga3 thunderbird-fi-24.4.0-1.mga3 thunderbird-fr-24.4.0-1.mga3 thunderbird-fy-24.4.0-1.mga3 thunderbird-ga-24.4.0-1.mga3 thunderbird-gd-24.4.0-1.mga3 thunderbird-gl-24.4.0-1.mga3 thunderbird-he-24.4.0-1.mga3 thunderbird-hr-24.4.0-1.mga3 thunderbird-hu-24.4.0-1.mga3 thunderbird-hy-24.4.0-1.mga3 thunderbird-id-24.4.0-1.mga3 thunderbird-is-24.4.0-1.mga3 thunderbird-it-24.4.0-1.mga3 thunderbird-ja-24.4.0-1.mga3 thunderbird-ko-24.4.0-1.mga3 thunderbird-lt-24.4.0-1.mga3 thunderbird-nb_NO-24.4.0-1.mga3 thunderbird-nl-24.4.0-1.mga3 thunderbird-nn_NO-24.4.0-1.mga3 thunderbird-pl-24.4.0-1.mga3 thunderbird-pa_IN-24.4.0-1.mga3 thunderbird-pt_BR-24.4.0-1.mga3 thunderbird-pt_PT-24.4.0-1.mga3 thunderbird-ro-24.4.0-1.mga3 thunderbird-ru-24.4.0-1.mga3 thunderbird-si-24.4.0-1.mga3 thunderbird-sk-24.4.0-1.mga3 thunderbird-sl-24.4.0-1.mga3 thunderbird-sq-24.4.0-1.mga3 thunderbird-sv_SE-24.4.0-1.mga3 thunderbird-ta_LK-24.4.0-1.mga3 thunderbird-tr-24.4.0-1.mga3 thunderbird-uk-24.4.0-1.mga3 thunderbird-vi-24.4.0-1.mga3 thunderbird-zh_CN-24.4.0-1.mga3 thunderbird-zh_TW-24.4.0-1.mga3 rootcerts-20140318.00-1.mga4 rootcerts-java-20140318.00-1.mga4 libnspr4-4.10.4-1.mga4 libnspr-devel-4.10.4-1.mga4 nss-3.16.0-1.mga4 nss-doc-3.16.0-1.mga4 libnss3-3.16.0-1.mga4 libnss-devel-3.16.0-1.mga4 libnss-static-devel-3.16.0-1.mga4 firefox-24.4.0-1.mga4 firefox-devel-24.4.0-1.mga4 firefox-af-24.4.0-1.mga4 firefox-ar-24.4.0-1.mga4 firefox-as-24.4.0-1.mga4 firefox-ast-24.4.0-1.mga4 firefox-be-24.4.0-1.mga4 firefox-bg-24.4.0-1.mga4 firefox-bn_IN-24.4.0-1.mga4 firefox-bn_BD-24.4.0-1.mga4 firefox-br-24.4.0-1.mga4 firefox-bs-24.4.0-1.mga4 firefox-ca-24.4.0-1.mga4 firefox-cs-24.4.0-1.mga4 firefox-csb-24.4.0-1.mga4 firefox-cy-24.4.0-1.mga4 firefox-da-24.4.0-1.mga4 firefox-de-24.4.0-1.mga4 firefox-el-24.4.0-1.mga4 firefox-en_GB-24.4.0-1.mga4 firefox-en_ZA-24.4.0-1.mga4 firefox-eo-24.4.0-1.mga4 firefox-es_AR-24.4.0-1.mga4 firefox-es_CL-24.4.0-1.mga4 firefox-es_ES-24.4.0-1.mga4 firefox-es_MX-24.4.0-1.mga4 firefox-et-24.4.0-1.mga4 firefox-eu-24.4.0-1.mga4 firefox-fa-24.4.0-1.mga4 firefox-ff-24.4.0-1.mga4 firefox-fi-24.4.0-1.mga4 firefox-fr-24.4.0-1.mga4 firefox-fy-24.4.0-1.mga4 firefox-ga_IE-24.4.0-1.mga4 firefox-gd-24.4.0-1.mga4 firefox-gl-24.4.0-1.mga4 firefox-gu_IN-24.4.0-1.mga4 firefox-he-24.4.0-1.mga4 firefox-hi-24.4.0-1.mga4 firefox-hr-24.4.0-1.mga4 firefox-hu-24.4.0-1.mga4 firefox-hy-24.4.0-1.mga4 firefox-id-24.4.0-1.mga4 firefox-is-24.4.0-1.mga4 firefox-it-24.4.0-1.mga4 firefox-ja-24.4.0-1.mga4 firefox-kk-24.4.0-1.mga4 firefox-ko-24.4.0-1.mga4 firefox-km-24.4.0-1.mga4 firefox-kn-24.4.0-1.mga4 firefox-ku-24.4.0-1.mga4 firefox-lg-24.4.0-1.mga4 firefox-lij-24.4.0-1.mga4 firefox-lt-24.4.0-1.mga4 firefox-lv-24.4.0-1.mga4 firefox-mai-24.4.0-1.mga4 firefox-mk-24.4.0-1.mga4 firefox-ml-24.4.0-1.mga4 firefox-mr-24.4.0-1.mga4 firefox-nb_NO-24.4.0-1.mga4 firefox-nl-24.4.0-1.mga4 firefox-nn_NO-24.4.0-1.mga4 firefox-nso-24.4.0-1.mga4 firefox-or-24.4.0-1.mga4 firefox-pa_IN-24.4.0-1.mga4 firefox-pl-24.4.0-1.mga4 firefox-pt_BR-24.4.0-1.mga4 firefox-pt_PT-24.4.0-1.mga4 firefox-ro-24.4.0-1.mga4 firefox-ru-24.4.0-1.mga4 firefox-si-24.4.0-1.mga4 firefox-sk-24.4.0-1.mga4 firefox-sl-24.4.0-1.mga4 firefox-sq-24.4.0-1.mga4 firefox-sr-24.4.0-1.mga4 firefox-sv_SE-24.4.0-1.mga4 firefox-ta-24.4.0-1.mga4 firefox-ta_LK-24.4.0-1.mga4 firefox-te-24.4.0-1.mga4 firefox-th-24.4.0-1.mga4 firefox-tr-24.4.0-1.mga4 firefox-uk-24.4.0-1.mga4 firefox-vi-24.4.0-1.mga4 firefox-zh_CN-24.4.0-1.mga4 firefox-zh_TW-24.4.0-1.mga4 firefox-zu-24.4.0-1.mga4 thunderbird-24.4.0-1.mga4 thunderbird-enigmail-24.4.0-1.mga4 nsinstall-24.4.0-1.mga4 thunderbird-ar-24.4.0-1.mga4 thunderbird-ast-24.4.0-1.mga4 thunderbird-be-24.4.0-1.mga4 thunderbird-bg-24.4.0-1.mga4 thunderbird-bn_BD-24.4.0-1.mga4 thunderbird-br-24.4.0-1.mga4 thunderbird-ca-24.4.0-1.mga4 thunderbird-cs-24.4.0-1.mga4 thunderbird-da-24.4.0-1.mga4 thunderbird-de-24.4.0-1.mga4 thunderbird-el-24.4.0-1.mga4 thunderbird-en_GB-24.4.0-1.mga4 thunderbird-es_AR-24.4.0-1.mga4 thunderbird-es_ES-24.4.0-1.mga4 thunderbird-et-24.4.0-1.mga4 thunderbird-eu-24.4.0-1.mga4 thunderbird-fi-24.4.0-1.mga4 thunderbird-fr-24.4.0-1.mga4 thunderbird-fy-24.4.0-1.mga4 thunderbird-ga-24.4.0-1.mga4 thunderbird-gd-24.4.0-1.mga4 thunderbird-gl-24.4.0-1.mga4 thunderbird-he-24.4.0-1.mga4 thunderbird-hr-24.4.0-1.mga4 thunderbird-hu-24.4.0-1.mga4 thunderbird-hy-24.4.0-1.mga4 thunderbird-id-24.4.0-1.mga4 thunderbird-is-24.4.0-1.mga4 thunderbird-it-24.4.0-1.mga4 thunderbird-ja-24.4.0-1.mga4 thunderbird-ko-24.4.0-1.mga4 thunderbird-lt-24.4.0-1.mga4 thunderbird-nb_NO-24.4.0-1.mga4 thunderbird-nl-24.4.0-1.mga4 thunderbird-nn_NO-24.4.0-1.mga4 thunderbird-pl-24.4.0-1.mga4 thunderbird-pa_IN-24.4.0-1.mga4 thunderbird-pt_BR-24.4.0-1.mga4 thunderbird-pt_PT-24.4.0-1.mga4 thunderbird-ro-24.4.0-1.mga4 thunderbird-ru-24.4.0-1.mga4 thunderbird-si-24.4.0-1.mga4 thunderbird-sk-24.4.0-1.mga4 thunderbird-sl-24.4.0-1.mga4 thunderbird-sq-24.4.0-1.mga4 thunderbird-sv_SE-24.4.0-1.mga4 thunderbird-ta_LK-24.4.0-1.mga4 thunderbird-tr-24.4.0-1.mga4 thunderbird-uk-24.4.0-1.mga4 thunderbird-vi-24.4.0-1.mga4 thunderbird-zh_CN-24.4.0-1.mga4 thunderbird-zh_TW-24.4.0-1.mga4 from SRPMS: rootcerts-20140318.00-1.mga3.src.rpm nspr-4.10.4-1.mga3.src.rpm nss-3.16.0-1.mga3.src.rpm firefox-24.4.0-1.mga3.src.rpm firefox-l10n-24.4.0-1.mga3.src.rpm thunderbird-24.4.0-1.mga3.src.rpm thunderbird-l10n-24.4.0-1.mga3.src.rpm rootcerts-20140318.00-1.mga4.src.rpm nspr-4.10.4-1.mga4.src.rpm nss-3.16.0-1.mga4.src.rpm firefox-24.4.0-1.mga4.src.rpm firefox-l10n-24.4.0-1.mga4.src.rpm thunderbird-24.4.0-1.mga4.src.rpm thunderbird-l10n-24.4.0-1.mga4.src.rpm
Source RPM: firefox, thunderbird => nss, firefox, thunderbirdWhiteboard: MGA3TOO feedback => MGA3TOO has_procedure
Tue Mar 18 19:44:07 2014 -0700 (at Tue Mar 18 19:44:07 2014 -0700) https://hg.mozilla.org/mozilla-central/file/tip/security/nss/lib/ckfw/builtins/certdata.txt https://hg.mozilla.org/mozilla-central/raw-file/3bc3b9e2cd99/security/nss/lib/ckfw/builtins/certdata.txt
Source RPM: nss, firefox, thunderbird => firefox, thunderbirdWhiteboard: MGA3TOO has_procedure => MGA3TOO feedback
So I guess this is the appropriate place to look for this file now: https://hg.mozilla.org/mozilla-central/log/default/security/nss/lib/ckfw/builtins/certdata.txt Gosh their repository is disorganized! So 20140309 would have been the correct date according to that. My head is spinning. Anyway, Fedora needs to update the comments in their ca-certificates' SPEC file.
Whiteboard: MGA3TOO feedback => MGA3TOO
Source RPM: firefox, thunderbird => nss, firefox, thunderbird
This is ready for testing BTW. Advisory and packages in Comment 12.
URL: (none) => http://lwn.net/Vulnerabilities/591083/
Retested mga4-64 with the new nss, all OK.
Whiteboard: MGA3TOO => MGA3TOO mga4-64-ok
mga4-32 tested as above. No regressions.
Whiteboard: MGA3TOO mga4-64-ok => MGA3TOO mga4-64-ok mga4-32-ok
mga3-32 tested as above, no regressions noted.
Whiteboard: MGA3TOO mga4-64-ok mga4-32-ok => MGA3TOO mga4-64-ok mga4-32-ok mga3-32-ok
Mga3-64 tested as above, no regressions noted. Update is ready to push when advisory is uploaded to svn.
Whiteboard: MGA3TOO mga4-64-ok mga4-32-ok mga3-32-ok => MGA3TOO mga4-64-ok mga4-32-ok mga3-32-ok mga3-64-ok
Advisory (phew!) uploaded, please push to 4 core/updates.
Keywords: (none) => validated_updateWhiteboard: MGA3TOO mga4-64-ok mga4-32-ok mga3-32-ok mga3-64-ok => MGA3TOO mga4-64-ok mga4-32-ok mga3-32-ok mga3-64-ok advisoryCC: (none) => remi, sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2014-0137.html
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED
For additional reference, here's RedHat's advisory for Thunderbird: https://rhn.redhat.com/errata/RHSA-2014-0316.html