Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 555
Alerts This Week
Warning Icon 1 555

openSUSE 11.4: 2011:0724-1 Important MozillaThunderbird Update

opensuse
Calendar Grey June 30, 2011
Dist Opensuse Esm H88
Important openSUSE patch resolves 11 vulnerabilities in MozillaThunderbird 3.1.11. Safeguard your environment with updated software packages now.
An update that fixes 11 vulnerabilities is now available

Description

Mozilla Thunderbird was updated to the 3.1.11 release.

It has new features, fixes lots of bugs, and also fixes the

following security issues:

* MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364

CVE-2011-2365 Miscellaneous memory safety hazards

* MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free

vulnerability when viewing XUL document with script

disabled

* MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)

Memory corruption due to multipart/x-mixed-replace

images

* MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer

overflow and arbitrary code execution in

Array.reduceRight()

* MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363

Multiple dangling pointer vulnerabilities

* MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie

isolation error

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch MozillaThunderbird-4800 firefox50-upgrade-4806 mozilla-js192-4771

- openSUSE 11.3:

zypper in -t patch MozillaFirefox-4761 MozillaThunderbird-4800

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 11.4 (i586 x86_64) [New Version: 1.9.2.18,3.1.11 and 5.0]:

MozillaFirefox-5.0-0.2.1

MozillaFirefox-branding-openSUSE-5.0-2.3.1

MozillaFirefox-buildsymbols-5.0-0.2.1

MozillaFirefox-devel-5.0-0.2.1

MozillaFirefox-translations-common-5.0-0.2.1

MozillaFirefox-translations-other-5.0-0.2.1

MozillaThunderbird-3.1.11-0.7.1

MozillaThunderbird-buildsymbols-3.1.11-0.7.1

MozillaThunderbird-devel-3.1.11-0.7.1

MozillaThunderbird-translations-common-3.1.11-0.7.1

MozillaThunderbird-translations-other-3.1.11-0.7.1

enigmail-1.1.2-9.7.1

mozilla-js192-1.9.2.18-1.2.1

mozilla-xulrunner192-1.9.2.18-1.2.1

mozilla-xulrunner192-buildsymbols-1.9.2.18-1.2.1

mozilla-xulrunner192-devel-1.9.2.18-1.2.1

mozilla-xulrunner192-gnome-1.9.2.18-1.2.1

mozilla-xulrunner192-translations-common-1.9.2.18-1.2.1

mozilla-xulrunner192-translations-other-1.9.2.18-1.2.1

- openSUSE 11.4 (x86_64) [New Version: 1.9.2.18]:

mozilla-js192-32bit-1.9.2.18-1.2.1

mozilla-xulrunner192-32bit-1.9.2.18-1.2.1

mozilla-xulrunner192-gnome-32bit-1.9.2.18-1.2.1

mozil...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2011-0083.html

https://www.suse.com/security/cve/CVE-2011-0085.html

https://www.suse.com/security/cve/CVE-2011-2362.html

https://www.suse.com/security/cve/CVE-2011-2363.html

https://www.suse.com/security/cve/CVE-2011-2364.html

https://www.suse.com/security/cve/CVE-2011-2365.html

https://www.suse.com/security/cve/CVE-2011-2371.html

https://www.suse.com/security/cve/CVE-2011-2373.html

https://www.suse.com/security/cve/CVE-2011-2374.html

https://www.suse.com/security/cve/CVE-2011-2376.html

https://www.suse.com/security/cve/CVE-2011-2377.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2011:0724-1
Rating: important
Affected Products: openSUSE 11.4 openSUSE 11.3 . It includes 5 new package versions.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.