Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

openSUSE 11.3: 1079-1 Important: Mozilla Firefox Browser Crash

opensuse
Calendar Grey September 29, 2011
Dist Opensuse Esm H88
Release note for openSUSE highlighting various vulnerabilities resolved in Mozilla Firefox 3.6.23, featuring crucial enhancements executed.
An update that fixes 5 vulnerabilities is now available

Description

Mozilla Firefox was updated to version 3.6.23, fixing

various bugs and security issues.

MFSA 2011-36: Mozilla developers identified and fixed

several memory safety bugs in the browser engine used in

Firefox and other Mozilla-based products. Some of these

bugs showed evidence of memory corruption under certain

circumstances, and we presume that with enough effort at

least some of these could be exploited to run arbitrary

code.

In general these flaws cannot be exploited through email in

the Thunderbird and SeaMonkey products because scripting is

disabled,, but are potentially a risk in browser or

browser-like contexts in those products.

Benjamin Smedberg, Bob Clary, and Jesse Ruderman reported

memory safety problems that affected Firefox 3.6 and

Firefox 6. (CVE-2011-2995)

Josh Aas reported a potential crash in the plugin API that

affected Firefox 3.6 only. (CVE-2011-2996)

MFSA 2011-37: Mark Kaplan reported a potentially

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory software update important memory safety Mozilla Firefox openSUSE browser crash

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 11.3:

zypper in -t patch MozillaFirefox-5203

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 11.3 (i586 x86_64) [New Version: 1.9.2.23 and 3.6.23]:

MozillaFirefox-3.6.23-0.2.1

MozillaFirefox-branding-upstream-3.6.23-0.2.1

MozillaFirefox-translations-common-3.6.23-0.2.1

MozillaFirefox-translations-other-3.6.23-0.2.1

mozilla-js192-1.9.2.23-1.2.1

mozilla-xulrunner192-1.9.2.23-1.2.1

mozilla-xulrunner192-buildsymbols-1.9.2.23-1.2.1

mozilla-xulrunner192-devel-1.9.2.23-1.2.1

mozilla-xulrunner192-gnome-1.9.2.23-1.2.1

mozilla-xulrunner192-translations-common-1.9.2.23-1.2.1

mozilla-xulrunner192-translations-other-1.9.2.23-1.2.1

- openSUSE 11.3 (x86_64) [New Version: 1.9.2.23]:

mozilla-js192-32bit-1.9.2.23-1.2.1

mozilla-xulrunner192-32bit-1.9.2.23-1.2.1

mozilla-xulrunner192-gnome-32bit-1.9.2.23-1.2.1

mozilla-xulrunner192-translations-common-32bit-1.9.2.23-1.2.1

mozilla-xulrunner192-translations-other-32bit-1.9.2.23-1.2.1

References

https://www.suse.com/security/cve/CVE-2011-2372.html

https://www.suse.com/security/cve/CVE-2011-2995.html

https://www.suse.com/security/cve/CVE-2011-2996.html

https://www.suse.com/security/cve/CVE-2011-2999.html

https://www.suse.com/security/cve/CVE-2011-3000.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2011:1079-1
Rating: important
Affected Products: openSUSE 11.3 . It includes two new package versions.

Topics%20covered

Topics Covered

security advisory software update important memory safety Mozilla Firefox openSUSE browser crash

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here