Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 502
Alerts This Week
Warning Icon 1 502

openSUSE 11.4 & 11.3 Important: Seamonkey Update 2012:0007-1

opensuse
Calendar Grey January 5, 2012
Dist Opensuse Esm H88
Critical security enhancement for SeaMonkey tackling various vulnerabilities in openSUSE, including comprehensive patch guidelines and specifics.
An update that fixes 5 vulnerabilities is now available

Description

seamonkey version 2.6 fixes several security issues:

* MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety

hazards

* MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash

in the YARR regular expression library

* MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds

access

* MFSA 2011-56/CVE-2011-3663: Key detection without

JavaScript via SVG animation

* MFSA 2011-58/CVE-2011-3665: Crash scaling

extreme sizes

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch seamonkey-5574

- openSUSE 11.3:

zypper in -t patch seamonkey-5574

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 11.4 (i586 x86_64) [New Version: 2.6]:

seamonkey-2.6-0.2.1

seamonkey-dom-inspector-2.6-0.2.1

seamonkey-irc-2.6-0.2.1

seamonkey-translations-common-2.6-0.2.1

seamonkey-translations-other-2.6-0.2.1

seamonkey-venkman-2.6-0.2.1

- openSUSE 11.3 (i586 x86_64) [New Version: 2.6]:

seamonkey-2.6-0.2.1

seamonkey-dom-inspector-2.6-0.2.1

seamonkey-irc-2.6-0.2.1

seamonkey-translations-common-2.6-0.2.1

seamonkey-translations-other-2.6-0.2.1

seamonkey-venkman-2.6-0.2.1

References

https://www.suse.com/security/cve/CVE-2011-3658.html

https://www.suse.com/security/cve/CVE-2011-3660.html

https://www.suse.com/security/cve/CVE-2011-3661.html

https://www.suse.com/security/cve/CVE-2011-3663.html

https://www.suse.com/security/cve/CVE-2011-3665.html

https://login.microfocus.com/nidp/app/login?sid=0

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2012:0007-1
Rating: important
Affected Products: openSUSE 11.4 openSUSE 11.3 . It includes one version update.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.