openSUSE 11.4: Security Update for Seamonkey Critical Memory Issues
opensuse
September 29, 2011
An update that fixes 11 vulnerabilities is now available
Description
Mozilla Seamonkey was updated to version 2.4, fixing
various bugs and security issues.
MFSA 2011-36: Mozilla developers identified and fixed
several memory safety bugs in the browser engine used in
Firefox and other Mozilla-based products. Some of these
bugs showed evidence of memory corruption under certain
circumstances, and we presume that with enough effort at
least some of these could be exploited to run arbitrary
code.
In general these flaws cannot be exploited through email in
the Thunderbird and SeaMonkey products because scripting is
disabled, but are potentially a risk in browser or
browser-like contexts in those products.
Benjamin Smedberg, Bob Clary, and Jesse Ruderman reported
memory safety problems that affected Firefox 3.6 and
Firefox 6. (CVE-2011-2995)
Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor
Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous
reported memory safety problems that...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch MozillaFirefox-5208 seamonkey-5210
- openSUSE 11.3:
zypper in -t patch seamonkey-5210
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 11.4 (i586 x86_64) [New Version: 2.4 and 7.0]:
MozillaFirefox-7.0-1.2.1
MozillaFirefox-branding-upstream-7.0-1.2.1
MozillaFirefox-buildsymbols-7.0-1.2.1
MozillaFirefox-devel-7.0-1.2.1
MozillaFirefox-translations-common-7.0-1.2.1
MozillaFirefox-translations-other-7.0-1.2.1
seamonkey-2.4-1.2.1
seamonkey-dom-inspector-2.4-1.2.1
seamonkey-irc-2.4-1.2.1
seamonkey-translations-common-2.4-1.2.1
seamonkey-translations-other-2.4-1.2.1
seamonkey-venkman-2.4-1.2.1
- openSUSE 11.3 (i586 x86_64) [New Version: 2.4]:
seamonkey-2.4-1.2.1
seamonkey-dom-inspector-2.4-1.2.1
seamonkey-irc-2.4-1.2.1
seamonkey-translations-common-2.4-1.2.1
seamonkey-translations-other-2.4-1.2.1
seamonkey-venkman-2.4-1.2.1
References
https://www.suse.com/security/cve/CVE-2011-2372.html
https://www.suse.com/security/cve/CVE-2011-2995.html
https://www.suse.com/security/cve/CVE-2011-2997.html
https://www.suse.com/security/cve/CVE-2011-2999.html
https://www.suse.com/security/cve/CVE-2011-3000.html
https://www.suse.com/security/cve/CVE-2011-3001.html
https://www.suse.com/security/cve/CVE-2011-3002.html
https://www.suse.com/security/cve/CVE-2011-3003.html
https://www.suse.com/security/cve/CVE-2011-3004.html
https://www.suse.com/security/cve/CVE-2011-3005.html
https://www.suse.com/security/cve/CVE-2011-3232.html
--
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2011:1077-1
Rating: important
Affected Products:
openSUSE 11.4
openSUSE 11.3
.
It includes two new package versions.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!