| Errata ID | 35 |
|---|---|
| Date | 2015-01-21 |
| Source package | firefox-en |
| Fixed in version | 31.4.0esr-3.49.201501141911 |
| Description | Several vulnerabilities have been fixed with the update to Firefox ESR 31.4: * Memory corruption in the browser engine allows the execution of code (CVE-2014-8634) * Missing origin check in sendBeacon() (CVE-2014-8638) * Cookie injection in proxy authentication (CVE-2014-8639) * Read-after-free in WebRTC (CVE-2014-8641) |
| Additional notes | This update consists of two updates for firefox-en and firefox-de. |
| CVE ID | CVE-2014-8634 CVE-2014-8638 CVE-2014-8639 CVE-2014-8641 |
| UCS Bug number | #37536 |
