Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

openSUSE 11.4: 2012:0234-1 Important: Firefox 10 Memory Safety Breaches

opensuse
Calendar Grey February 9, 2012
Dist Opensuse Esm H88
Set up MozillaFirefox 10 to resolve various security vulnerabilities impacting openSUSE 11.4 and improve your online safety.
An update that contains security fixes can now be installed

Description

Mozilla Firefox was updated to version 10 to fix bugs and

security issues.

MFSA 2012-01: Mozilla developers identified and fixed

several memory safety bugs in the browser engine used in

Firefox and other Mozilla-based products. Some of these

bugs showed evidence of memory corruption under certain

circumstances, and we presume that with enough effort at

least some of these could be exploited to run arbitrary

code.

In general these flaws cannot be exploited through email in

the Thunderbird and SeaMonkey products because scripting is

disabled, but are potentially a risk in browser or

browser-like contexts in those products. References

CVE-2012-0443: Ben Hawkes, Christian Holler, Honza Bombas,

Jason Orendorff, Jesse Ruderman, Jan Odvarko, Peter Van Der

Beken, and Bill McCloskey reported memory safety problems

that were fixed in Firefox 10.

CVE-2012-0442: Jesse Ruderman and Bob Clary reported memory

safety problems that were...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security issue critical Firefox memory safety browser update openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch MozillaFirefox-5750 MozillaThunderbird-5751 mozilla-js192-5749 seamonkey-5768

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 11.4 (i586 x86_64) [New Version: 1.9.2.26,10.0,2.7 and 3.1.18]:

MozillaFirefox-10.0-0.2.1

MozillaFirefox-branding-upstream-10.0-0.2.1

MozillaFirefox-buildsymbols-10.0-0.2.1

MozillaFirefox-devel-10.0-0.2.1

MozillaFirefox-translations-common-10.0-0.2.1

MozillaFirefox-translations-other-10.0-0.2.1

MozillaThunderbird-3.1.18-0.23.1

MozillaThunderbird-buildsymbols-3.1.18-0.23.1

MozillaThunderbird-devel-3.1.18-0.23.1

MozillaThunderbird-translations-common-3.1.18-0.23.1

MozillaThunderbird-translations-other-3.1.18-0.23.1

enigmail-1.1.2+3.1.18-0.23.1

mozilla-js192-1.9.2.26-0.2.1

mozilla-xulrunner192-1.9.2.26-0.2.1

mozilla-xulrunner192-buildsymbols-1.9.2.26-0.2.1

mozilla-xulrunner192-devel-1.9.2.26-0.2.1

mozilla-xulrunner192-gnome-1.9.2.26-0.2.1

mozilla-xulrunner192-translations-common-1.9.2.26-0.2.1

mozilla-xulrunner192-translations-other-1.9.2.26-0.2.1

seamonkey-2.7-0.2.1

seamonkey-dom-inspector-2.7-0.2.1

seamonkey-irc-2.7-0.2.1

seamonkey-translations-common-2.7-0.2.1

seamonkey-translations-other-2.7-0.2.1...

Read the Full Advisory

References

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2012:0234-1
Rating: important
Affected Products: openSUSE 11.4 led. It includes 5 new package versions.

Topics%20covered

Topics Covered

security advisory security issue critical Firefox memory safety browser update openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here