[gentoo-announce] [ GLSA 201504-01 ] Mozilla Products: Multiple vulnerabilities - gentoo-announce

From:	Kristian Fiskerstrand <k_f@g.o>
To:	gentoo-announce@l.g.o
Subject:	[gentoo-announce] [ GLSA 201504-01 ] Mozilla Products: Multiple vulnerabilities
Date:	Tue, 07 Apr 2015 08:58:55
Message-Id:	`55239B8B.6000303@gentoo.org`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 201504-01

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                           https://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

 Severity: Normal

8

    Title: Mozilla Products: Multiple vulnerabilities

9

     Date: April 07, 2015

10

     Bugs: #489796, #491234, #493850, #500320, #505072, #509050,

11

           #512896, #517876, #522020, #523652, #525474, #531408,

12

           #536564, #541316, #544056

13

       ID: 201504-01

14

15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

16

17

Synopsis

18

========

19

20

Multiple vulnerabilities have been found in Mozilla Firefox,

21

Thunderbird, and SeaMonkey, the worst of which may allow user-assisted

22

execution of arbitrary code.

23

24

Background

25

==========

26

27

Mozilla Firefox is an open-source web browser and Mozilla Thunderbird

28

an open-source email client, both from the Mozilla Project. The

29

SeaMonkey project is a community effort to deliver production-quality

30

releases of code derived from the application formerly known as the

31

‘Mozilla Application Suite’.

32

33

Affected packages

34

=================

35

36

    -------------------------------------------------------------------

37

     Package              /     Vulnerable     /            Unaffected

38

    -------------------------------------------------------------------

39

  1  www-client/firefox           < 31.5.3                  >= 31.5.3

40

  2  www-client/firefox-bin       < 31.5.3                  >= 31.5.3

41

  3  mail-client/thunderbird      < 31.5.0                  >= 31.5.0

42

  4  mail-client/thunderbird-bin

43

                                  < 31.5.0                  >= 31.5.0

44

  5  www-client/seamonkey         < 2.33.1                  >= 2.33.1

45

  6  www-client/seamonkey-bin

46

                                  < 2.33.1                  >= 2.33.1

47

  7  dev-libs/nspr                < 4.10.6                  >= 4.10.6

48

    -------------------------------------------------------------------

49

     7 affected packages

50

51

Description

52

===========

53

54

Multiple vulnerabilities have been discovered in Firefox, Thunderbird,

55

and SeaMonkey. Please review the CVE identifiers referenced below for

56

details.

57

58

Impact

59

======

60

61

A remote attacker could entice a user to view a specially crafted web

62

page or email, possibly resulting in execution of arbitrary code or a

63

Denial of Service condition. Furthermore, a remote attacker may be able

64

to perform Man-in-the-Middle attacks, obtain sensitive information,

65

spoof the address bar, conduct clickjacking attacks, bypass security

66

restrictions and protection mechanisms,  or have other unspecified

67

impact.

68

69

Workaround

70

==========

71

72

There are no known workarounds at this time.

73

74

Resolution

75

==========

76

77

All firefox users should upgrade to the latest version:

78

79

  # emerge --sync

80

  # emerge --ask --oneshot --verbose ">=www-client/firefox-31.5.3"

81

82

All firefox-bin users should upgrade to the latest version:

83

84

  # emerge --sync

85

  # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-31.5.3"

86

87

All thunderbird users should upgrade to the latest version:

88

89

  # emerge --sync

90

  # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-31.5.0"

91

92

All thunderbird-bin users should upgrade to the latest version:

93

94

  # emerge --sync

95

  # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-31.5.0"

96

97

All seamonkey users should upgrade to the latest version:

98

99

  # emerge --sync

100

  # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.33.1"

101

102

All seamonkey-bin users should upgrade to the latest version:

103

104

  # emerge --sync

105

  # emerge --ask --oneshot -v ">=www-client/seamonkey-bin-2.33.1"

106

107

All nspr users should upgrade to the latest version:

108

109

  # emerge --sync

110

  # emerge --ask --oneshot --verbose ">=dev-libs/nspr-4.10.6"

111

112

References

113

==========

114

115

[   1 ] CVE-2013-1741

116

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1741

117

[   2 ] CVE-2013-2566

118

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2566

119

[   3 ] CVE-2013-5590

120

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5590

121

[   4 ] CVE-2013-5591

122

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5591

123

[   5 ] CVE-2013-5592

124

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5592

125

[   6 ] CVE-2013-5593

126

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5593

127

[   7 ] CVE-2013-5595

128

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5595

129

[   8 ] CVE-2013-5596

130

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5596

131

[   9 ] CVE-2013-5597

132

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5597

133

[  10 ] CVE-2013-5598

134

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5598

135

[  11 ] CVE-2013-5599

136

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5599

137

[  12 ] CVE-2013-5600

138

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5600

139

[  13 ] CVE-2013-5601

140

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5601

141

[  14 ] CVE-2013-5602

142

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5602

143

[  15 ] CVE-2013-5603

144

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5603

145

[  16 ] CVE-2013-5604

146

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5604

147

[  17 ] CVE-2013-5605

148

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5605

149

[  18 ] CVE-2013-5606

150

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5606

151

[  19 ] CVE-2013-5607

152

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5607

153

[  20 ] CVE-2013-5609

154

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5609

155

[  21 ] CVE-2013-5610

156

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5610

157

[  22 ] CVE-2013-5612

158

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5612

159

[  23 ] CVE-2013-5613

160

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5613

161

[  24 ] CVE-2013-5614

162

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5614

163

[  25 ] CVE-2013-5615

164

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5615

165

[  26 ] CVE-2013-5616

166

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5616

167

[  27 ] CVE-2013-5618

168

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5618

169

[  28 ] CVE-2013-5619

170

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5619

171

[  29 ] CVE-2013-6671

172

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6671

173

[  30 ] CVE-2013-6672

174

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6672

175

[  31 ] CVE-2013-6673

176

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6673

177

[  32 ] CVE-2014-1477

178

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1477

179

[  33 ] CVE-2014-1478

180

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1478

181

[  34 ] CVE-2014-1479

182

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1479

183

[  35 ] CVE-2014-1480

184

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1480

185

[  36 ] CVE-2014-1481

186

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1481

187

[  37 ] CVE-2014-1482

188

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1482

189

[  38 ] CVE-2014-1483

190

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1483

191

[  39 ] CVE-2014-1485

192

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1485

193

[  40 ] CVE-2014-1486

194

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1486

195

[  41 ] CVE-2014-1487

196

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1487

197

[  42 ] CVE-2014-1488

198

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1488

199

[  43 ] CVE-2014-1489

200

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1489

201

[  44 ] CVE-2014-1490

202

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1490

203

[  45 ] CVE-2014-1491

204

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1491

205

[  46 ] CVE-2014-1492

206

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1492

207

[  47 ] CVE-2014-1493

208

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1493

209

[  48 ] CVE-2014-1494

210

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1494

211

[  49 ] CVE-2014-1496

212

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1496

213

[  50 ] CVE-2014-1497

214

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1497

215

[  51 ] CVE-2014-1498

216

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1498

217

[  52 ] CVE-2014-1499

218

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1499

219

[  53 ] CVE-2014-1500

220

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1500

221

[  54 ] CVE-2014-1502

222

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1502

223

[  55 ] CVE-2014-1505

224

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1505

225

[  56 ] CVE-2014-1508

226

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1508

227

[  57 ] CVE-2014-1509

228

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1509

229

[  58 ] CVE-2014-1510

230

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1510

231

[  59 ] CVE-2014-1511

232

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1511

233

[  60 ] CVE-2014-1512

234

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1512

235

[  61 ] CVE-2014-1513

236

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1513

237

[  62 ] CVE-2014-1514

238

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1514

239

[  63 ] CVE-2014-1518

240

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1518

241

[  64 ] CVE-2014-1519

242

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1519

243

[  65 ] CVE-2014-1520

244

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1520

245

[  66 ] CVE-2014-1522

246

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1522

247

[  67 ] CVE-2014-1523

248

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1523

249

[  68 ] CVE-2014-1524

250

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1524

251

[  69 ] CVE-2014-1525

252

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1525

253

[  70 ] CVE-2014-1526

254

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1526

255

[  71 ] CVE-2014-1529

256

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1529

257

[  72 ] CVE-2014-1530

258

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1530

259

[  73 ] CVE-2014-1531

260

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1531

261

[  74 ] CVE-2014-1532

262

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1532

263

[  75 ] CVE-2014-1533

264

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1533

265

[  76 ] CVE-2014-1534

266

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1534

267

[  77 ] CVE-2014-1536

268

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1536

269

[  78 ] CVE-2014-1537

270

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1537

271

[  79 ] CVE-2014-1538

272

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1538

273

[  80 ] CVE-2014-1539

274

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1539

275

[  81 ] CVE-2014-1540

276

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1540

277

[  82 ] CVE-2014-1541

278

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1541

279

[  83 ] CVE-2014-1542

280

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1542

281

[  84 ] CVE-2014-1543

282

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1543

283

[  85 ] CVE-2014-1544

284

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1544

285

[  86 ] CVE-2014-1545

286

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1545

287

[  87 ] CVE-2014-1547

288

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1547

289

[  88 ] CVE-2014-1548

290

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1548

291

[  89 ] CVE-2014-1549

292

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1549

293

[  90 ] CVE-2014-1550

294

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1550

295

[  91 ] CVE-2014-1551

296

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1551

297

[  92 ] CVE-2014-1552

298

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1552

299

[  93 ] CVE-2014-1553

300

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1553

301

[  94 ] CVE-2014-1554

302

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1554

303

[  95 ] CVE-2014-1555

304

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1555

305

[  96 ] CVE-2014-1556

306

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1556

307

[  97 ] CVE-2014-1557

308

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1557

309

[  98 ] CVE-2014-1558

310

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1558

311

[  99 ] CVE-2014-1559

312

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1559

313

[ 100 ] CVE-2014-1560

314

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1560

315

[ 101 ] CVE-2014-1561

316

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1561

317

[ 102 ] CVE-2014-1562

318

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1562

319

[ 103 ] CVE-2014-1563

320

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1563

321

[ 104 ] CVE-2014-1564

322

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1564

323

[ 105 ] CVE-2014-1565

324

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1565

325

[ 106 ] CVE-2014-1566

326

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1566

327

[ 107 ] CVE-2014-1567

328

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1567

329

[ 108 ] CVE-2014-1568

330

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1568

331

[ 109 ] CVE-2014-1574

332

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1574

333

[ 110 ] CVE-2014-1575

334

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1575

335

[ 111 ] CVE-2014-1576

336

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1576

337

[ 112 ] CVE-2014-1577

338

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1577

339

[ 113 ] CVE-2014-1578

340

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1578

341

[ 114 ] CVE-2014-1580

342

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1580

343

[ 115 ] CVE-2014-1581

344

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1581

345

[ 116 ] CVE-2014-1582

346

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1582

347

[ 117 ] CVE-2014-1583

348

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1583

349

[ 118 ] CVE-2014-1584

350

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1584

351

[ 119 ] CVE-2014-1585

352

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1585

353

[ 120 ] CVE-2014-1586

354

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1586

355

[ 121 ] CVE-2014-1587

356

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1587

357

[ 122 ] CVE-2014-1588

358

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1588

359

[ 123 ] CVE-2014-1589

360

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1589

361

[ 124 ] CVE-2014-1590

362

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1590

363

[ 125 ] CVE-2014-1591

364

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1591

365

[ 126 ] CVE-2014-1592

366

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1592

367

[ 127 ] CVE-2014-1593

368

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1593

369

[ 128 ] CVE-2014-1594

370

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1594

371

[ 129 ] CVE-2014-5369

372

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5369

373

[ 130 ] CVE-2014-8631

374

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8631

375

[ 131 ] CVE-2014-8632

376

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8632

377

[ 132 ] CVE-2014-8634

378

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8634

379

[ 133 ] CVE-2014-8635

380

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8635

381

[ 134 ] CVE-2014-8636

382

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8636

383

[ 135 ] CVE-2014-8637

384

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8637

385

[ 136 ] CVE-2014-8638

386

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8638

387

[ 137 ] CVE-2014-8639

388

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8639

389

[ 138 ] CVE-2014-8640

390

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8640

391

[ 139 ] CVE-2014-8641

392

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8641

393

[ 140 ] CVE-2014-8642

394

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8642

395

[ 141 ] CVE-2015-0817

396

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0817

397

[ 142 ] CVE-2015-0818

398

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0818

399

[ 143 ] CVE-2015-0819

400

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0819

401

[ 144 ] CVE-2015-0820

402

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0820

403

[ 145 ] CVE-2015-0821

404

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0821

405

[ 146 ] CVE-2015-0822

406

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0822

407

[ 147 ] CVE-2015-0823

408

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0823

409

[ 148 ] CVE-2015-0824

410

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0824

411

[ 149 ] CVE-2015-0825

412

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0825

413

[ 150 ] CVE-2015-0826

414

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0826

415

[ 151 ] CVE-2015-0827

416

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0827

417

[ 152 ] CVE-2015-0828

418

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0828

419

[ 153 ] CVE-2015-0829

420

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0829

421

[ 154 ] CVE-2015-0830

422

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0830

423

[ 155 ] CVE-2015-0831

424

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0831

425

[ 156 ] CVE-2015-0832

426

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0832

427

[ 157 ] CVE-2015-0833

428

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0833

429

[ 158 ] CVE-2015-0834

430

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0834

431

[ 159 ] CVE-2015-0835

432

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0835

433

[ 160 ] CVE-2015-0836

434

        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0836

435

[ 161 ] VE-2014-1504

436

437

438

Availability

439

============

440

441

This GLSA and any updates to it are available for viewing at

442

the Gentoo Security Website:

443

444

 https://security.gentoo.org/glsa/201504-01

445

446

Concerns?

447

=========

448

449

Security is a primary focus of Gentoo Linux and ensuring the

450

confidentiality and security of our users' machines is of utmost

451

importance to us. Any security concerns should be addressed to

452

security@g.o or alternatively, you may file a bug at

453

https://bugs.gentoo.org.

454

455

License

456

=======

457

458

Copyright 2015 Gentoo Foundation, Inc; referenced text

459

belongs to its owner(s).

460

461

The contents of this document are licensed under the

462

Creative Commons - Attribution / Share Alike license.

463

464

http://creativecommons.org/licenses/by-sa/2.5

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 201504-01
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	https://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: Mozilla Products: Multiple vulnerabilities
9	Date: April 07, 2015
10	Bugs: #489796, #491234, #493850, #500320, #505072, #509050,
11	#512896, #517876, #522020, #523652, #525474, #531408,
12	#536564, #541316, #544056
13	ID: 201504-01
14
15	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
16
17	Synopsis
18	========
19
20	Multiple vulnerabilities have been found in Mozilla Firefox,
21	Thunderbird, and SeaMonkey, the worst of which may allow user-assisted
22	execution of arbitrary code.
23
24	Background
25	==========
26
27	Mozilla Firefox is an open-source web browser and Mozilla Thunderbird
28	an open-source email client, both from the Mozilla Project. The
29	SeaMonkey project is a community effort to deliver production-quality
30	releases of code derived from the application formerly known as the
31	‘Mozilla Application Suite’.
32
33	Affected packages
34	=================
35
36	-------------------------------------------------------------------
37	Package / Vulnerable / Unaffected
38	-------------------------------------------------------------------
39	1 www-client/firefox < 31.5.3 >= 31.5.3
40	2 www-client/firefox-bin < 31.5.3 >= 31.5.3
41	3 mail-client/thunderbird < 31.5.0 >= 31.5.0
42	4 mail-client/thunderbird-bin
43	< 31.5.0 >= 31.5.0
44	5 www-client/seamonkey < 2.33.1 >= 2.33.1
45	6 www-client/seamonkey-bin
46	< 2.33.1 >= 2.33.1
47	7 dev-libs/nspr < 4.10.6 >= 4.10.6
48	-------------------------------------------------------------------
49	7 affected packages
50
51	Description
52	===========
53
54	Multiple vulnerabilities have been discovered in Firefox, Thunderbird,
55	and SeaMonkey. Please review the CVE identifiers referenced below for
56	details.
57
58	Impact
59	======
60
61	A remote attacker could entice a user to view a specially crafted web
62	page or email, possibly resulting in execution of arbitrary code or a
63	Denial of Service condition. Furthermore, a remote attacker may be able
64	to perform Man-in-the-Middle attacks, obtain sensitive information,
65	spoof the address bar, conduct clickjacking attacks, bypass security
66	restrictions and protection mechanisms, or have other unspecified
67	impact.
68
69	Workaround
70	==========
71
72	There are no known workarounds at this time.
73
74	Resolution
75	==========
76
77	All firefox users should upgrade to the latest version:
78
79	# emerge --sync
80	# emerge --ask --oneshot --verbose ">=www-client/firefox-31.5.3"
81
82	All firefox-bin users should upgrade to the latest version:
83
84	# emerge --sync
85	# emerge --ask --oneshot --verbose ">=www-client/firefox-bin-31.5.3"
86
87	All thunderbird users should upgrade to the latest version:
88
89	# emerge --sync
90	# emerge --ask --oneshot --verbose ">=mail-client/thunderbird-31.5.0"
91
92	All thunderbird-bin users should upgrade to the latest version:
93
94	# emerge --sync
95	# emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-31.5.0"
96
97	All seamonkey users should upgrade to the latest version:
98
99	# emerge --sync
100	# emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.33.1"
101
102	All seamonkey-bin users should upgrade to the latest version:
103
104	# emerge --sync
105	# emerge --ask --oneshot -v ">=www-client/seamonkey-bin-2.33.1"
106
107	All nspr users should upgrade to the latest version:
108
109	# emerge --sync
110	# emerge --ask --oneshot --verbose ">=dev-libs/nspr-4.10.6"
111
112	References
113	==========
114
115	[ 1 ] CVE-2013-1741
116	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1741
117	[ 2 ] CVE-2013-2566
118	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2566
119	[ 3 ] CVE-2013-5590
120	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5590
121	[ 4 ] CVE-2013-5591
122	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5591
123	[ 5 ] CVE-2013-5592
124	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5592
125	[ 6 ] CVE-2013-5593
126	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5593
127	[ 7 ] CVE-2013-5595
128	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5595
129	[ 8 ] CVE-2013-5596
130	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5596
131	[ 9 ] CVE-2013-5597
132	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5597
133	[ 10 ] CVE-2013-5598
134	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5598
135	[ 11 ] CVE-2013-5599
136	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5599
137	[ 12 ] CVE-2013-5600
138	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5600
139	[ 13 ] CVE-2013-5601
140	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5601
141	[ 14 ] CVE-2013-5602
142	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5602
143	[ 15 ] CVE-2013-5603
144	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5603
145	[ 16 ] CVE-2013-5604
146	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5604
147	[ 17 ] CVE-2013-5605
148	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5605
149	[ 18 ] CVE-2013-5606
150	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5606
151	[ 19 ] CVE-2013-5607
152	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5607
153	[ 20 ] CVE-2013-5609
154	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5609
155	[ 21 ] CVE-2013-5610
156	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5610
157	[ 22 ] CVE-2013-5612
158	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5612
159	[ 23 ] CVE-2013-5613
160	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5613
161	[ 24 ] CVE-2013-5614
162	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5614
163	[ 25 ] CVE-2013-5615
164	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5615
165	[ 26 ] CVE-2013-5616
166	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5616
167	[ 27 ] CVE-2013-5618
168	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5618
169	[ 28 ] CVE-2013-5619
170	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5619
171	[ 29 ] CVE-2013-6671
172	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6671
173	[ 30 ] CVE-2013-6672
174	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6672
175	[ 31 ] CVE-2013-6673
176	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6673
177	[ 32 ] CVE-2014-1477
178	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1477
179	[ 33 ] CVE-2014-1478
180	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1478
181	[ 34 ] CVE-2014-1479
182	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1479
183	[ 35 ] CVE-2014-1480
184	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1480
185	[ 36 ] CVE-2014-1481
186	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1481
187	[ 37 ] CVE-2014-1482
188	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1482
189	[ 38 ] CVE-2014-1483
190	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1483
191	[ 39 ] CVE-2014-1485
192	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1485
193	[ 40 ] CVE-2014-1486
194	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1486
195	[ 41 ] CVE-2014-1487
196	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1487
197	[ 42 ] CVE-2014-1488
198	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1488
199	[ 43 ] CVE-2014-1489
200	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1489
201	[ 44 ] CVE-2014-1490
202	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1490
203	[ 45 ] CVE-2014-1491
204	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1491
205	[ 46 ] CVE-2014-1492
206	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1492
207	[ 47 ] CVE-2014-1493
208	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1493
209	[ 48 ] CVE-2014-1494
210	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1494
211	[ 49 ] CVE-2014-1496
212	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1496
213	[ 50 ] CVE-2014-1497
214	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1497
215	[ 51 ] CVE-2014-1498
216	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1498
217	[ 52 ] CVE-2014-1499
218	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1499
219	[ 53 ] CVE-2014-1500
220	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1500
221	[ 54 ] CVE-2014-1502
222	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1502
223	[ 55 ] CVE-2014-1505
224	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1505
225	[ 56 ] CVE-2014-1508
226	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1508
227	[ 57 ] CVE-2014-1509
228	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1509
229	[ 58 ] CVE-2014-1510
230	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1510
231	[ 59 ] CVE-2014-1511
232	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1511
233	[ 60 ] CVE-2014-1512
234	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1512
235	[ 61 ] CVE-2014-1513
236	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1513
237	[ 62 ] CVE-2014-1514
238	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1514
239	[ 63 ] CVE-2014-1518
240	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1518
241	[ 64 ] CVE-2014-1519
242	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1519
243	[ 65 ] CVE-2014-1520
244	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1520
245	[ 66 ] CVE-2014-1522
246	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1522
247	[ 67 ] CVE-2014-1523
248	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1523
249	[ 68 ] CVE-2014-1524
250	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1524
251	[ 69 ] CVE-2014-1525
252	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1525
253	[ 70 ] CVE-2014-1526
254	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1526
255	[ 71 ] CVE-2014-1529
256	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1529
257	[ 72 ] CVE-2014-1530
258	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1530
259	[ 73 ] CVE-2014-1531
260	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1531
261	[ 74 ] CVE-2014-1532
262	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1532
263	[ 75 ] CVE-2014-1533
264	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1533
265	[ 76 ] CVE-2014-1534
266	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1534
267	[ 77 ] CVE-2014-1536
268	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1536
269	[ 78 ] CVE-2014-1537
270	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1537
271	[ 79 ] CVE-2014-1538
272	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1538
273	[ 80 ] CVE-2014-1539
274	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1539
275	[ 81 ] CVE-2014-1540
276	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1540
277	[ 82 ] CVE-2014-1541
278	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1541
279	[ 83 ] CVE-2014-1542
280	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1542
281	[ 84 ] CVE-2014-1543
282	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1543
283	[ 85 ] CVE-2014-1544
284	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1544
285	[ 86 ] CVE-2014-1545
286	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1545
287	[ 87 ] CVE-2014-1547
288	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1547
289	[ 88 ] CVE-2014-1548
290	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1548
291	[ 89 ] CVE-2014-1549
292	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1549
293	[ 90 ] CVE-2014-1550
294	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1550
295	[ 91 ] CVE-2014-1551
296	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1551
297	[ 92 ] CVE-2014-1552
298	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1552
299	[ 93 ] CVE-2014-1553
300	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1553
301	[ 94 ] CVE-2014-1554
302	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1554
303	[ 95 ] CVE-2014-1555
304	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1555
305	[ 96 ] CVE-2014-1556
306	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1556
307	[ 97 ] CVE-2014-1557
308	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1557
309	[ 98 ] CVE-2014-1558
310	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1558
311	[ 99 ] CVE-2014-1559
312	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1559
313	[ 100 ] CVE-2014-1560
314	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1560
315	[ 101 ] CVE-2014-1561
316	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1561
317	[ 102 ] CVE-2014-1562
318	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1562
319	[ 103 ] CVE-2014-1563
320	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1563
321	[ 104 ] CVE-2014-1564
322	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1564
323	[ 105 ] CVE-2014-1565
324	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1565
325	[ 106 ] CVE-2014-1566
326	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1566
327	[ 107 ] CVE-2014-1567
328	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1567
329	[ 108 ] CVE-2014-1568
330	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1568
331	[ 109 ] CVE-2014-1574
332	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1574
333	[ 110 ] CVE-2014-1575
334	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1575
335	[ 111 ] CVE-2014-1576
336	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1576
337	[ 112 ] CVE-2014-1577
338	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1577
339	[ 113 ] CVE-2014-1578
340	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1578
341	[ 114 ] CVE-2014-1580
342	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1580
343	[ 115 ] CVE-2014-1581
344	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1581
345	[ 116 ] CVE-2014-1582
346	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1582
347	[ 117 ] CVE-2014-1583
348	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1583
349	[ 118 ] CVE-2014-1584
350	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1584
351	[ 119 ] CVE-2014-1585
352	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1585
353	[ 120 ] CVE-2014-1586
354	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1586
355	[ 121 ] CVE-2014-1587
356	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1587
357	[ 122 ] CVE-2014-1588
358	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1588
359	[ 123 ] CVE-2014-1589
360	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1589
361	[ 124 ] CVE-2014-1590
362	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1590
363	[ 125 ] CVE-2014-1591
364	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1591
365	[ 126 ] CVE-2014-1592
366	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1592
367	[ 127 ] CVE-2014-1593
368	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1593
369	[ 128 ] CVE-2014-1594
370	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1594
371	[ 129 ] CVE-2014-5369
372	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5369
373	[ 130 ] CVE-2014-8631
374	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8631
375	[ 131 ] CVE-2014-8632
376	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8632
377	[ 132 ] CVE-2014-8634
378	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8634
379	[ 133 ] CVE-2014-8635
380	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8635
381	[ 134 ] CVE-2014-8636
382	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8636
383	[ 135 ] CVE-2014-8637
384	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8637
385	[ 136 ] CVE-2014-8638
386	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8638
387	[ 137 ] CVE-2014-8639
388	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8639
389	[ 138 ] CVE-2014-8640
390	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8640
391	[ 139 ] CVE-2014-8641
392	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8641
393	[ 140 ] CVE-2014-8642
394	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8642
395	[ 141 ] CVE-2015-0817
396	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0817
397	[ 142 ] CVE-2015-0818
398	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0818
399	[ 143 ] CVE-2015-0819
400	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0819
401	[ 144 ] CVE-2015-0820
402	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0820
403	[ 145 ] CVE-2015-0821
404	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0821
405	[ 146 ] CVE-2015-0822
406	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0822
407	[ 147 ] CVE-2015-0823
408	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0823
409	[ 148 ] CVE-2015-0824
410	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0824
411	[ 149 ] CVE-2015-0825
412	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0825
413	[ 150 ] CVE-2015-0826
414	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0826
415	[ 151 ] CVE-2015-0827
416	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0827
417	[ 152 ] CVE-2015-0828
418	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0828
419	[ 153 ] CVE-2015-0829
420	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0829
421	[ 154 ] CVE-2015-0830
422	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0830
423	[ 155 ] CVE-2015-0831
424	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0831
425	[ 156 ] CVE-2015-0832
426	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0832
427	[ 157 ] CVE-2015-0833
428	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0833
429	[ 158 ] CVE-2015-0834
430	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0834
431	[ 159 ] CVE-2015-0835
432	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0835
433	[ 160 ] CVE-2015-0836
434	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0836
435	[ 161 ] VE-2014-1504
436
437
438	Availability
439	============
440
441	This GLSA and any updates to it are available for viewing at
442	the Gentoo Security Website:
443
444	https://security.gentoo.org/glsa/201504-01
445
446	Concerns?
447	=========
448
449	Security is a primary focus of Gentoo Linux and ensuring the
450	confidentiality and security of our users' machines is of utmost
451	importance to us. Any security concerns should be addressed to
452	security@g.o or alternatively, you may file a bug at
453	https://bugs.gentoo.org.
454
455	License
456	=======
457
458	Copyright 2015 Gentoo Foundation, Inc; referenced text
459	belongs to its owner(s).
460
461	The contents of this document are licensed under the
462	Creative Commons - Attribution / Share Alike license.
463
464	http://creativecommons.org/licenses/by-sa/2.5