Critical Vulnerability in Mozilla XULRunner: openSUSE 2021:0465-1 Alert

opensuse

February 24, 2012

An update that fixes one vulnerability is now available

Description

Mozilla XULRunner was updated to 1.9.2.27 to fix a security

issue with the embedded libpng, where a integer overflow

could allow remote attackers to crash the browser or

potentially execute code (CVE-2011-3026),

Topics Covered

security advisory security issue remote code execution integer overflow important update openSUSE mozilla-xulrunner

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch MozillaFirefox-5825 MozillaThunderbird-5826 mozilla-js192-5832 seamonkey-5834

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 11.4 (i586 x86_64) [New Version: 1.9.2.27,10.0.2,2.7.2 and 3.1.19]:

MozillaFirefox-10.0.2-0.2.1

MozillaFirefox-branding-upstream-10.0.2-0.2.1

MozillaFirefox-buildsymbols-10.0.2-0.2.1

MozillaFirefox-devel-10.0.2-0.2.1

MozillaFirefox-translations-common-10.0.2-0.2.1

MozillaFirefox-translations-other-10.0.2-0.2.1

MozillaThunderbird-3.1.19-0.25.1

MozillaThunderbird-buildsymbols-3.1.19-0.25.1

MozillaThunderbird-devel-3.1.19-0.25.1

MozillaThunderbird-translations-common-3.1.19-0.25.1

MozillaThunderbird-translations-other-3.1.19-0.25.1

enigmail-1.1.2+3.1.19-0.25.1

mozilla-js192-1.9.2.27-0.2.1

mozilla-xulrunner192-1.9.2.27-0.2.1

mozilla-xulrunner192-buildsymbols-1.9.2.27-0.2.1

mozilla-xulrunner192-devel-1.9.2.27-0.2.1

mozilla-xulrunner192-gnome-1.9.2.27-0.2.1

mozilla-xulrunner192-translations-common-1.9.2.27-0.2.1

mozilla-xulrunner192-translations-other-1.9.2.27-0.2.1

seamonkey-2.7.2-0.2.1

seamonkey-dom-inspector-2.7.2-0.2.1

seamonkey-irc-2.7.2-0.2.1

seamonkey-translations-common-2.7.2-0.2.1

seamonkey-tran...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2011-3026.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: openSUSE-SU-2012:0297-1

Rating: important

Affected Products: openSUSE 11.4 . It includes 5 new package versions.

Topics Covered

security advisory security issue remote code execution integer overflow important update openSUSE mozilla-xulrunner

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Critical Vulnerability in Mozilla XULRunner: openSUSE 2021:0465-1 Alert

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Critical Vulnerability in Mozilla XULRunner: openSUSE 2021:0465-1 Alert

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!