openSUSE Security Update: MozillaFirefox: Version 10
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2012:0234-1
Rating:             important
References:         #744275 
Affected Products:
                    openSUSE 11.4
______________________________________________________________________________

   An update that contains security fixes can now be
   installed. It includes 5 new package versions.

Description:

   Mozilla Firefox was updated to version 10 to fix bugs and
   security issues.

   MFSA 2012-01: Mozilla developers identified and fixed
   several memory safety bugs in the browser engine used in
   Firefox and other Mozilla-based products. Some of these
   bugs showed evidence of memory corruption under certain
   circumstances, and we presume that with enough effort at
   least some of these could be exploited to run arbitrary
   code.

   In general these flaws cannot be exploited through email in
   the Thunderbird and SeaMonkey products because scripting is
   disabled, but are potentially a risk in browser or
   browser-like contexts in those products. References

   CVE-2012-0443: Ben Hawkes, Christian Holler, Honza Bombas,
   Jason Orendorff, Jesse Ruderman, Jan Odvarko, Peter Van Der
   Beken, and Bill McCloskey reported memory safety problems
   that were fixed in Firefox 10.

   CVE-2012-0442: Jesse Ruderman and Bob Clary reported memory
   safety problems that were fixed in both Firefox 10 and
   Firefox 3.6.26.


   MFSA 2012-02/CVE-2011-3670: For historical reasons Firefox
   has been generous in its interpretation of web addresses
   containing square brackets around the host. If this host
   was not a valid IPv6 literal address, Firefox attempted to
   interpret the host as a regular domain name. Gregory
   Fleischer reported that requests made using IPv6 syntax
   using XMLHttpRequest objects through a proxy may generate
   errors depending on proxy configuration for IPv6. The
   resulting error messages from the proxy may disclose
   sensitive data because Same-Origin Policy (SOP) will allow
   the XMLHttpRequest object to read these error messages,
   allowing user privacy to be eroded. Firefox now enforces
   RFC 3986 IPv6 literal syntax and that may break links
   written using the non-standard Firefox-only forms that were
   previously accepted.

   This was fixed previously for Firefox 7.0, Thunderbird 7.0,
   and SeaMonkey 2.4 but only fixed in Firefox 3.6.26 and
   Thunderbird 3.1.18 during 2012.


   MFSA 2012-03/CVE-2012-0445: Alex Dvorov reported that an
   attacker could replace a sub-frame in another domain's
   document by using the name attribute of the sub-frame as a
   form submission target. This can potentially allow for
   phishing attacks against users and violates the HTML5 frame
   navigation policy.

   Firefox 3.6 and Thunderbird 3.1 are not affected by this
   vulnerability


   MFSA 2012-04/CVE-2011-3659: Security researcher regenrecht
   reported via TippingPoint's Zero Day Initiative that
   removed child nodes of nsDOMAttribute can be accessed under
   certain circumstances because of a premature notification
   of AttributeChildRemoved. This use-after-free of the child
   nodes could possibly allow for for remote code execution.

   MFSA 2012-05/CVE-2012-0446: Mozilla security researcher
   moz_bug_r_a4 reported that frame scripts bypass XPConnect
   security checks when calling untrusted objects. This allows
   for cross-site scripting (XSS) attacks through web pages
   and Firefox extensions. The fix enables the Script Security
   Manager (SSM) to force security checks on all frame scripts.

   Firefox 3.6 and Thunderbird 3.1 are not affected by this
   vulnerability


   MFSA 2012-06/CVE-2012-0447: Mozilla developer Tim Abraldes
   reported that when encoding images as
   image/vnd.microsoft.icon the resulting data was always a
   fixed size, with uninitialized memory appended as padding
   beyond the size of the actual image. This is the result of
   mImageBufferSize in the encoder being initialized with a
   value different than the size of the source image. There is
   the possibility of sensitive data from uninitialized memory
   being appended to a PNG image when converted fron an ICO
   format image. This sensitive data may then be disclosed in
   the resulting image.

   Firefox 3.6 and Thunderbird 3.1 are not affected by this
   vulnerability


   MFSA 2012-07/CVE-2012-0444: Security researcher regenrecht
   reported via TippingPoint's Zero Day Initiative the
   possibility of memory corruption during the decoding of Ogg
   Vorbis files. This can cause a crash during decoding and
   has the potential for remote code execution.


   MFSA 2012-08/CVE-2012-0449: Security researchers Nicolas
   Gregoire and Aki Helin independently reported that when
   processing a malformed embedded XSLT stylesheet, Firefox
   can crash due to a memory corruption. While there is no
   evidence that this is directly exploitable, there is a
   possibility of remote code execution.

   MFSA 2012-09/CVE-2012-0450: magicant starmen reported that
   if a user chooses to export their Firefox Sync key the
   "Firefox Recovery Key.html" file is saved with incorrect
   permissions, making the file contents potentially readable
   by other users on Linux and OS X systems.

   Firefox 3.6 is not affected by this vulnerability.


Special Instructions and Notes:

   Please reboot the system after installing this update.This
   update triggers a restart of the software management stack.
   More updates will be available for installation after
   applying this update and restarting the application. This
   update triggers a restart of the software management stack.
   More updates will be available for installation after
   applying this update and restarting the application.

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.4:

      zypper in -t patch MozillaFirefox-5750 MozillaThunderbird-5751 mozilla-js192-5749 seamonkey-5768

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.4 (i586 x86_64) [New Version: 1.9.2.26,10.0,2.7 and 3.1.18]:

      MozillaFirefox-10.0-0.2.1
      MozillaFirefox-branding-upstream-10.0-0.2.1
      MozillaFirefox-buildsymbols-10.0-0.2.1
      MozillaFirefox-devel-10.0-0.2.1
      MozillaFirefox-translations-common-10.0-0.2.1
      MozillaFirefox-translations-other-10.0-0.2.1
      MozillaThunderbird-3.1.18-0.23.1
      MozillaThunderbird-buildsymbols-3.1.18-0.23.1
      MozillaThunderbird-devel-3.1.18-0.23.1
      MozillaThunderbird-translations-common-3.1.18-0.23.1
      MozillaThunderbird-translations-other-3.1.18-0.23.1
      enigmail-1.1.2+3.1.18-0.23.1
      mozilla-js192-1.9.2.26-0.2.1
      mozilla-xulrunner192-1.9.2.26-0.2.1
      mozilla-xulrunner192-buildsymbols-1.9.2.26-0.2.1
      mozilla-xulrunner192-devel-1.9.2.26-0.2.1
      mozilla-xulrunner192-gnome-1.9.2.26-0.2.1
      mozilla-xulrunner192-translations-common-1.9.2.26-0.2.1
      mozilla-xulrunner192-translations-other-1.9.2.26-0.2.1
      seamonkey-2.7-0.2.1
      seamonkey-dom-inspector-2.7-0.2.1
      seamonkey-irc-2.7-0.2.1
      seamonkey-translations-common-2.7-0.2.1
      seamonkey-translations-other-2.7-0.2.1
      seamonkey-venkman-2.7-0.2.1

   - openSUSE 11.4 (x86_64) [New Version: 1.9.2.26]:

      mozilla-js192-32bit-1.9.2.26-0.2.1
      mozilla-xulrunner192-32bit-1.9.2.26-0.2.1
      mozilla-xulrunner192-gnome-32bit-1.9.2.26-0.2.1
      mozilla-xulrunner192-translations-common-32bit-1.9.2.26-0.2.1
      mozilla-xulrunner192-translations-other-32bit-1.9.2.26-0.2.1


References:

   https://bugzilla.novell.com/744275

--

openSUSE: 2012:0234-1: important: MozillaFirefox

February 9, 2012
An update that contains security fixes can now be installed

Description

Mozilla Firefox was updated to version 10 to fix bugs and security issues. MFSA 2012-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References CVE-2012-0443: Ben Hawkes, Christian Holler, Honza Bombas, Jason Orendorff, Jesse Ruderman, Jan Odvarko, Peter Van Der Beken, and Bill McCloskey reported memory safety problems that were fixed in Firefox 10. CVE-2012-0442: Jesse Ruderman and Bob Clary reported memory safety problems that were fixed in both Firefox 10 and Firefox 3.6.26. MFSA 2012-02/CVE-2011-3670: For historical reasons Firefox has been generous in its interpretation of web addresses containing square brackets around the host. If this host was not a valid IPv6 literal address, Firefox attempted to interpret the host as a regular domain name. Gregory Fleischer reported that requests made using IPv6 syntax using XMLHttpRequest objects through a proxy may generate errors depending on proxy configuration for IPv6. The resulting error messages from the proxy may disclose sensitive data because Same-Origin Policy (SOP) will allow the XMLHttpRequest object to read these error messages, allowing user privacy to be eroded. Firefox now enforces RFC 3986 IPv6 literal syntax and that may break links written using the non-standard Firefox-only forms that were previously accepted. This was fixed previously for Firefox 7.0, Thunderbird 7.0, and SeaMonkey 2.4 but only fixed in Firefox 3.6.26 and Thunderbird 3.1.18 during 2012. MFSA 2012-03/CVE-2012-0445: Alex Dvorov reported that an attacker could replace a sub-frame in another domain's document by using the name attribute of the sub-frame as a form submission target. This can potentially allow for phishing attacks against users and violates the HTML5 frame navigation policy. Firefox 3.6 and Thunderbird 3.1 are not affected by this vulnerability MFSA 2012-04/CVE-2011-3659: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that removed child nodes of nsDOMAttribute can be accessed under certain circumstances because of a premature notification of AttributeChildRemoved. This use-after-free of the child nodes could possibly allow for for remote code execution. MFSA 2012-05/CVE-2012-0446: Mozilla security researcher moz_bug_r_a4 reported that frame scripts bypass XPConnect security checks when calling untrusted objects. This allows for cross-site scripting (XSS) attacks through web pages and Firefox extensions. The fix enables the Script Security Manager (SSM) to force security checks on all frame scripts. Firefox 3.6 and Thunderbird 3.1 are not affected by this vulnerability MFSA 2012-06/CVE-2012-0447: Mozilla developer Tim Abraldes reported that when encoding images as image/vnd.microsoft.icon the resulting data was always a fixed size, with uninitialized memory appended as padding beyond the size of the actual image. This is the result of mImageBufferSize in the encoder being initialized with a value different than the size of the source image. There is the possibility of sensitive data from uninitialized memory being appended to a PNG image when converted fron an ICO format image. This sensitive data may then be disclosed in the resulting image. Firefox 3.6 and Thunderbird 3.1 are not affected by this vulnerability MFSA 2012-07/CVE-2012-0444: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution. MFSA 2012-08/CVE-2012-0449: Security researchers Nicolas Gregoire and Aki Helin independently reported that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to a memory corruption. While there is no evidence that this is directly exploitable, there is a possibility of remote code execution. MFSA 2012-09/CVE-2012-0450: magicant starmen reported that if a user chooses to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users on Linux and OS X systems. Firefox 3.6 is not affected by this vulnerability. Special Instructions and Notes: Please reboot the system after installing this update.This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application. This update triggers a restart of the software management stack. More updates will be available for installation after applying this update and restarting the application.

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch MozillaFirefox-5750 MozillaThunderbird-5751 mozilla-js192-5749 seamonkey-5768 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE 11.4 (i586 x86_64) [New Version: 1.9.2.26,10.0,2.7 and 3.1.18]: MozillaFirefox-10.0-0.2.1 MozillaFirefox-branding-upstream-10.0-0.2.1 MozillaFirefox-buildsymbols-10.0-0.2.1 MozillaFirefox-devel-10.0-0.2.1 MozillaFirefox-translations-common-10.0-0.2.1 MozillaFirefox-translations-other-10.0-0.2.1 MozillaThunderbird-3.1.18-0.23.1 MozillaThunderbird-buildsymbols-3.1.18-0.23.1 MozillaThunderbird-devel-3.1.18-0.23.1 MozillaThunderbird-translations-common-3.1.18-0.23.1 MozillaThunderbird-translations-other-3.1.18-0.23.1 enigmail-1.1.2+3.1.18-0.23.1 mozilla-js192-1.9.2.26-0.2.1 mozilla-xulrunner192-1.9.2.26-0.2.1 mozilla-xulrunner192-buildsymbols-1.9.2.26-0.2.1 mozilla-xulrunner192-devel-1.9.2.26-0.2.1 mozilla-xulrunner192-gnome-1.9.2.26-0.2.1 mozilla-xulrunner192-translations-common-1.9.2.26-0.2.1 mozilla-xulrunner192-translations-other-1.9.2.26-0.2.1 seamonkey-2.7-0.2.1 seamonkey-dom-inspector-2.7-0.2.1 seamonkey-irc-2.7-0.2.1 seamonkey-translations-common-2.7-0.2.1 seamonkey-translations-other-2.7-0.2.1 seamonkey-venkman-2.7-0.2.1 - openSUSE 11.4 (x86_64) [New Version: 1.9.2.26]: mozilla-js192-32bit-1.9.2.26-0.2.1 mozilla-xulrunner192-32bit-1.9.2.26-0.2.1 mozilla-xulrunner192-gnome-32bit-1.9.2.26-0.2.1 mozilla-xulrunner192-translations-common-32bit-1.9.2.26-0.2.1 mozilla-xulrunner192-translations-other-32bit-1.9.2.26-0.2.1


References

https://bugzilla.novell.com/744275--


Severity
Announcement ID: openSUSE-SU-2012:0234-1
Rating: important
Affected Products: openSUSE 11.4 led. It includes 5 new package versions.

Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved