openSUSE: 2012:0760-1 Important: MozillaFirefox Thunderbird Fix
opensuse
June 19, 2012
An update that fixes 10 vulnerabilities is now available
Description
Changes in MozillaFirefox:
- update to Firefox 13.0 (bnc#765204)
* MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
Miscellaneous memory safety hazards
* MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content
Security Policy inline-script bypass
* MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information
disclosure though Windows file shares and shortcut files
* MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free
while replacing/inserting a node in a document
* MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
Buffer overflow and use-after-free issues found using
Address Sanitizer
- require NSS 3.13.4
* MFSA 2012-39/CVE-2012-0441 (bmo#715073)
- fix sound notifications when filename/path contains a
whitespace (bmo#749739)
- fix build on arm
- reenabled crashreporter for Factory/12.2 (fix in
mozilla-gcc47.patch)
Changes in MozillaThunderbird:
- update to Thunderbird 13.0 (bnc#765204)
* MFSA...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 12.1:
zypper in -t patch openSUSE-2012-333
- openSUSE 11.4:
zypper in -t patch openSUSE-2012-333
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 12.1 (i586 ia64 x86_64):
mozilla-nss-debugsource-3.13.5-9.16.1
xulrunner-debugsource-13.0-2.29.2
- openSUSE 12.1 (i586 x86_64):
MozillaFirefox-13.0-2.30.1
MozillaFirefox-branding-upstream-13.0-2.30.1
MozillaFirefox-buildsymbols-13.0-2.30.1
MozillaFirefox-debuginfo-13.0-2.30.1
MozillaFirefox-debugsource-13.0-2.30.1
MozillaFirefox-devel-13.0-2.30.1
MozillaFirefox-translations-common-13.0-2.30.1
MozillaFirefox-translations-other-13.0-2.30.1
MozillaThunderbird-13.0-33.23.2
MozillaThunderbird-buildsymbols-13.0-33.23.2
MozillaThunderbird-debuginfo-13.0-33.23.2
MozillaThunderbird-debugsource-13.0-33.23.2
MozillaThunderbird-devel-13.0-33.23.2
MozillaThunderbird-translations-common-13.0-33.23.2
MozillaThunderbird-translations-other-13.0-33.23.2
chmsee-1.99.08-2.18.3
chmsee-debuginfo-1.99.08-2.18.3
chmsee-debugsource-1.99.08-2.18.3
enigmail-1.4.2+13.0-33.23.2
enigmail-debuginfo-1.4.2+13.0-33.23.2
libfreebl3-3.13.5-9.16.1
libfreebl3-debuginfo-3.13.5-9.16.1
libsoftokn3-3.13.5-9.16.1
libsoftokn3-debuginfo-3.13.5-9...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2011-3101.html
https://www.suse.com/security/cve/CVE-2012-0441.html
https://www.suse.com/security/cve/CVE-2012-1937.html
https://www.suse.com/security/cve/CVE-2012-1938.html
https://www.suse.com/security/cve/CVE-2012-1940.html
https://www.suse.com/security/cve/CVE-2012-1941.html
https://www.suse.com/security/cve/CVE-2012-1944.html
https://www.suse.com/security/cve/CVE-2012-1945.html
https://www.suse.com/security/cve/CVE-2012-1946.html
https://www.suse.com/security/cve/CVE-2012-1947.html
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2012:0760-1
Rating: important
Affected Products:
openSUSE 12.1
openSUSE 11.4
.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!