| Errata ID | 289 |
|---|---|
| Date | 2015-02-23 |
| Source package | firefox-en |
| Fixed in version | 31.4.0esr-1.50.201502171654 |
| Description | Several vulnerabilities have been fixed with the update to Firefox ESR 31.4: * Memory corruption in the browser engine allows the execution of code (CVE-2014-8634) * Missing origin check in sendBeacon() (CVE-2014-8638) * Cookie injection in proxy authentication (CVE-2014-8639) * Read-after-free in WebRTC (CVE-2014-8641) |
| Additional notes | This update consists of two updates for firefox-en and firefox-de. |
| CVE ID | CVE-2014-8634 CVE-2014-8638 CVE-2014-8639 CVE-2014-8641 |
| UCS Bug number | #37535 |
