openSUSE Security Update: MozillaFirefox, MozillaThunderbird, mozilla-nss, seamonkey, xulrunner: June
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2012:0760-1
Rating:             important
References:         #765204 
Cross-References:   CVE-2011-3101 CVE-2012-0441 CVE-2012-1937
                    CVE-2012-1938 CVE-2012-1940 CVE-2012-1941
                    CVE-2012-1944 CVE-2012-1945 CVE-2012-1946
                    CVE-2012-1947
Affected Products:
                    openSUSE 12.1
                    openSUSE 11.4
______________________________________________________________________________

   An update that fixes 10 vulnerabilities is now available.

Description:

   Changes in MozillaFirefox:
   - update to Firefox 13.0 (bnc#765204)
   * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
   Miscellaneous memory safety hazards
   * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content
   Security Policy inline-script bypass
   * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information
   disclosure though Windows file shares and shortcut files
   * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free
   while replacing/inserting a node in a document
   * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
   Buffer overflow and use-after-free issues found using
   Address Sanitizer
   - require NSS 3.13.4
   * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
   - fix sound notifications when filename/path contains a
   whitespace (bmo#749739)

   - fix build on arm

   - reenabled crashreporter for Factory/12.2 (fix in
   mozilla-gcc47.patch)

   Changes in MozillaThunderbird:
   - update to Thunderbird 13.0 (bnc#765204)
   * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
   Miscellaneous memory safety hazards
   * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content
   Security Policy inline-script bypass
   * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information
   disclosure though Windows file shares and shortcut files
   * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free
   while replacing/inserting a node in a document
   * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
   Buffer overflow and use-after-free issues found using
   Address Sanitizer
   - require NSS 3.13.4
   * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
   - fix build with system NSPR (mozilla-system-nspr.patch)
   - add dependentlibs.list for improved XRE startup
   - update enigmail to 1.4.2

   - reenabled crashreporter for Factory/12.2 (fix in
   mozilla-gcc47.patch)

   - update to Thunderbird 12.0.1
   * fix regressions
   - POP3 filters (bmo#748090)
   - Message Body not loaded when using "Fetch Headers   Only" (bmo#748865)
   - Received messages contain parts of other messages
   with movemail account (bmo#748726)
   - New mail notification issue (bmo#748997)
   - crash in nsMsgDatabase::MatchDbName (bmo#748432)

   - fixed build with gcc 4.7

   Changes in seamonkey:
   - update to Seamonkey 2.10 (bnc#765204)
   * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
   Miscellaneous memory safety hazards
   * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content
   Security Policy inline-script bypass
   * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information
   disclosure though Windows file shares and shortcut files
   * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free
   while replacing/inserting a node in a document
   * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
   Buffer overflow and use-after-free issues found using
   Address Sanitizer
   - requires NSS 3.13.4
   * MFSA 2012-39/CVE-2012-0441 (bmo#715073)

   - update to Seamonkey 2.9.1
   * fix regressions
   - POP3 filters (bmo#748090)
   - Message Body not loaded when using "Fetch Headers   Only" (bmo#748865)
   - Received messages contain parts of other messages
   with movemail account (bmo#748726)
   - New mail notification issue (bmo#748997)
   - crash in nsMsgDatabase::MatchDbName (bmo#748432)

   - fixed build with gcc 4.7

   Changes in mozilla-nss:
   - update to 3.13.5 RTM

   - update to 3.13.4 RTM
   * fixed some bugs
   * fixed cert verification regression in PKIX mode
   (bmo#737802) introduced in 3.13.2

   Changes in xulrunner:
   - update to 13.0 (bnc#765204)
   * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
   Miscellaneous memory safety hazards
   * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content
   Security Policy inline-script bypass
   * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information
   disclosure though Windows file shares and shortcut files
   * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free
   while replacing/inserting a node in a document
   * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
   Buffer overflow and use-after-free issues found using
   Address Sanitizer
   - require NSS 3.13.4
   * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
   - reenabled crashreporter for Factory/12.2 (fixed in
   mozilla-gcc47.patch)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 12.1:

      zypper in -t patch openSUSE-2012-333

   - openSUSE 11.4:

      zypper in -t patch openSUSE-2012-333

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 12.1 (i586 ia64 x86_64):

      mozilla-nss-debugsource-3.13.5-9.16.1
      xulrunner-debugsource-13.0-2.29.2

   - openSUSE 12.1 (i586 x86_64):

      MozillaFirefox-13.0-2.30.1
      MozillaFirefox-branding-upstream-13.0-2.30.1
      MozillaFirefox-buildsymbols-13.0-2.30.1
      MozillaFirefox-debuginfo-13.0-2.30.1
      MozillaFirefox-debugsource-13.0-2.30.1
      MozillaFirefox-devel-13.0-2.30.1
      MozillaFirefox-translations-common-13.0-2.30.1
      MozillaFirefox-translations-other-13.0-2.30.1
      MozillaThunderbird-13.0-33.23.2
      MozillaThunderbird-buildsymbols-13.0-33.23.2
      MozillaThunderbird-debuginfo-13.0-33.23.2
      MozillaThunderbird-debugsource-13.0-33.23.2
      MozillaThunderbird-devel-13.0-33.23.2
      MozillaThunderbird-translations-common-13.0-33.23.2
      MozillaThunderbird-translations-other-13.0-33.23.2
      chmsee-1.99.08-2.18.3
      chmsee-debuginfo-1.99.08-2.18.3
      chmsee-debugsource-1.99.08-2.18.3
      enigmail-1.4.2+13.0-33.23.2
      enigmail-debuginfo-1.4.2+13.0-33.23.2
      libfreebl3-3.13.5-9.16.1
      libfreebl3-debuginfo-3.13.5-9.16.1
      libsoftokn3-3.13.5-9.16.1
      libsoftokn3-debuginfo-3.13.5-9.16.1
      mozilla-js-13.0-2.29.2
      mozilla-js-debuginfo-13.0-2.29.2
      mozilla-nss-3.13.5-9.16.1
      mozilla-nss-certs-3.13.5-9.16.1
      mozilla-nss-certs-debuginfo-3.13.5-9.16.1
      mozilla-nss-debuginfo-3.13.5-9.16.1
      mozilla-nss-devel-3.13.5-9.16.1
      mozilla-nss-sysinit-3.13.5-9.16.1
      mozilla-nss-sysinit-debuginfo-3.13.5-9.16.1
      mozilla-nss-tools-3.13.5-9.16.1
      mozilla-nss-tools-debuginfo-3.13.5-9.16.1
      seamonkey-2.10-2.21.2
      seamonkey-debuginfo-2.10-2.21.2
      seamonkey-debugsource-2.10-2.21.2
      seamonkey-dom-inspector-2.10-2.21.2
      seamonkey-irc-2.10-2.21.2
      seamonkey-translations-common-2.10-2.21.2
      seamonkey-translations-other-2.10-2.21.2
      seamonkey-venkman-2.10-2.21.2
      xulrunner-13.0-2.29.2
      xulrunner-buildsymbols-13.0-2.29.2
      xulrunner-debuginfo-13.0-2.29.2
      xulrunner-devel-13.0-2.29.2
      xulrunner-devel-debuginfo-13.0-2.29.2

   - openSUSE 12.1 (x86_64):

      libfreebl3-32bit-3.13.5-9.16.1
      libfreebl3-debuginfo-32bit-3.13.5-9.16.1
      libsoftokn3-32bit-3.13.5-9.16.1
      libsoftokn3-debuginfo-32bit-3.13.5-9.16.1
      mozilla-js-32bit-13.0-2.29.2
      mozilla-js-debuginfo-32bit-13.0-2.29.2
      mozilla-nss-32bit-3.13.5-9.16.1
      mozilla-nss-certs-32bit-3.13.5-9.16.1
      mozilla-nss-certs-debuginfo-32bit-3.13.5-9.16.1
      mozilla-nss-debuginfo-32bit-3.13.5-9.16.1
      mozilla-nss-sysinit-32bit-3.13.5-9.16.1
      mozilla-nss-sysinit-debuginfo-32bit-3.13.5-9.16.1
      xulrunner-32bit-13.0-2.29.2
      xulrunner-debuginfo-32bit-13.0-2.29.2

   - openSUSE 12.1 (ia64):

      libfreebl3-debuginfo-x86-3.13.5-9.16.1
      libfreebl3-debuginfo-x86-debuginfo-3.13.5-9.16.1
      libfreebl3-x86-3.13.5-9.16.1
      libsoftokn3-debuginfo-x86-3.13.5-9.16.1
      libsoftokn3-debuginfo-x86-debuginfo-3.13.5-9.16.1
      libsoftokn3-x86-3.13.5-9.16.1
      mozilla-js-debuginfo-x86-13.0-2.29.2
      mozilla-js-debuginfo-x86-debuginfo-13.0-2.29.2
      mozilla-js-x86-13.0-2.29.2
      mozilla-nss-certs-debuginfo-x86-3.13.5-9.16.1
      mozilla-nss-certs-debuginfo-x86-debuginfo-3.13.5-9.16.1
      mozilla-nss-certs-x86-3.13.5-9.16.1
      mozilla-nss-debuginfo-x86-3.13.5-9.16.1
      mozilla-nss-debuginfo-x86-debuginfo-3.13.5-9.16.1
      mozilla-nss-sysinit-debuginfo-x86-3.13.5-9.16.1
      mozilla-nss-sysinit-debuginfo-x86-debuginfo-3.13.5-9.16.1
      mozilla-nss-sysinit-x86-3.13.5-9.16.1
      mozilla-nss-x86-3.13.5-9.16.1
      xulrunner-debuginfo-x86-13.0-2.29.2
      xulrunner-debuginfo-x86-debuginfo-13.0-2.29.2
      xulrunner-x86-13.0-2.29.2

   - openSUSE 11.4 (i586 ia64 x86_64):

      mozilla-nss-debugsource-3.13.5-44.1

   - openSUSE 11.4 (i586 x86_64):

      MozillaFirefox-13.0-25.2
      MozillaFirefox-branding-upstream-13.0-25.2
      MozillaFirefox-buildsymbols-13.0-25.2
      MozillaFirefox-debuginfo-13.0-25.2
      MozillaFirefox-debugsource-13.0-25.2
      MozillaFirefox-devel-13.0-25.2
      MozillaFirefox-translations-common-13.0-25.2
      MozillaFirefox-translations-other-13.0-25.2
      MozillaThunderbird-13.0-21.2
      MozillaThunderbird-buildsymbols-13.0-21.2
      MozillaThunderbird-debuginfo-13.0-21.2
      MozillaThunderbird-debugsource-13.0-21.2
      MozillaThunderbird-devel-13.0-21.2
      MozillaThunderbird-translations-common-13.0-21.2
      MozillaThunderbird-translations-other-13.0-21.2
      enigmail-1.4.2+13.0-21.2
      enigmail-debuginfo-1.4.2+13.0-21.2
      libfreebl3-3.13.5-44.1
      libfreebl3-debuginfo-3.13.5-44.1
      libsoftokn3-3.13.5-44.1
      libsoftokn3-debuginfo-3.13.5-44.1
      mozilla-nss-3.13.5-44.1
      mozilla-nss-certs-3.13.5-44.1
      mozilla-nss-certs-debuginfo-3.13.5-44.1
      mozilla-nss-debuginfo-3.13.5-44.1
      mozilla-nss-devel-3.13.5-44.1
      mozilla-nss-sysinit-3.13.5-44.1
      mozilla-nss-sysinit-debuginfo-3.13.5-44.1
      mozilla-nss-tools-3.13.5-44.1
      mozilla-nss-tools-debuginfo-3.13.5-44.1
      seamonkey-2.10-21.2
      seamonkey-debuginfo-2.10-21.2
      seamonkey-debugsource-2.10-21.2
      seamonkey-dom-inspector-2.10-21.2
      seamonkey-irc-2.10-21.2
      seamonkey-translations-common-2.10-21.2
      seamonkey-translations-other-2.10-21.2
      seamonkey-venkman-2.10-21.2

   - openSUSE 11.4 (x86_64):

      libfreebl3-32bit-3.13.5-44.1
      libfreebl3-debuginfo-32bit-3.13.5-44.1
      libsoftokn3-32bit-3.13.5-44.1
      libsoftokn3-debuginfo-32bit-3.13.5-44.1
      mozilla-nss-32bit-3.13.5-44.1
      mozilla-nss-certs-32bit-3.13.5-44.1
      mozilla-nss-certs-debuginfo-32bit-3.13.5-44.1
      mozilla-nss-debuginfo-32bit-3.13.5-44.1
      mozilla-nss-sysinit-32bit-3.13.5-44.1
      mozilla-nss-sysinit-debuginfo-32bit-3.13.5-44.1

   - openSUSE 11.4 (ia64):

      libfreebl3-debuginfo-x86-3.13.5-44.1
      libfreebl3-debuginfo-x86-debuginfo-3.13.5-44.1
      libfreebl3-x86-3.13.5-44.1
      libsoftokn3-debuginfo-x86-3.13.5-44.1
      libsoftokn3-debuginfo-x86-debuginfo-3.13.5-44.1
      libsoftokn3-x86-3.13.5-44.1
      mozilla-nss-certs-debuginfo-x86-3.13.5-44.1
      mozilla-nss-certs-debuginfo-x86-debuginfo-3.13.5-44.1
      mozilla-nss-certs-x86-3.13.5-44.1
      mozilla-nss-debuginfo-x86-3.13.5-44.1
      mozilla-nss-debuginfo-x86-debuginfo-3.13.5-44.1
      mozilla-nss-sysinit-debuginfo-x86-3.13.5-44.1
      mozilla-nss-sysinit-debuginfo-x86-debuginfo-3.13.5-44.1
      mozilla-nss-sysinit-x86-3.13.5-44.1
      mozilla-nss-x86-3.13.5-44.1


References:

   https://www.suse.com/security/cve/CVE-2011-3101.html
   https://www.suse.com/security/cve/CVE-2012-0441.html
   https://www.suse.com/security/cve/CVE-2012-1937.html
   https://www.suse.com/security/cve/CVE-2012-1938.html
   https://www.suse.com/security/cve/CVE-2012-1940.html
   https://www.suse.com/security/cve/CVE-2012-1941.html
   https://www.suse.com/security/cve/CVE-2012-1944.html
   https://www.suse.com/security/cve/CVE-2012-1945.html
   https://www.suse.com/security/cve/CVE-2012-1946.html
   https://www.suse.com/security/cve/CVE-2012-1947.html
   https://bugzilla.novell.com/765204

openSUSE: 2012:0760-1: important: MozillaFirefox, MozillaThunderbird, mozilla-nss, seamonkey, xulrunner

June 19, 2012
An update that fixes 10 vulnerabilities is now available

Description

Changes in MozillaFirefox: - update to Firefox 13.0 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - require NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - fix sound notifications when filename/path contains a whitespace (bmo#749739) - fix build on arm - reenabled crashreporter for Factory/12.2 (fix in mozilla-gcc47.patch) Changes in MozillaThunderbird: - update to Thunderbird 13.0 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - require NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - fix build with system NSPR (mozilla-system-nspr.patch) - add dependentlibs.list for improved XRE startup - update enigmail to 1.4.2 - reenabled crashreporter for Factory/12.2 (fix in mozilla-gcc47.patch) - update to Thunderbird 12.0.1 * fix regressions - POP3 filters (bmo#748090) - Message Body not loaded when using "Fetch Headers Only" (bmo#748865) - Received messages contain parts of other messages with movemail account (bmo#748726) - New mail notification issue (bmo#748997) - crash in nsMsgDatabase::MatchDbName (bmo#748432) - fixed build with gcc 4.7 Changes in seamonkey: - update to Seamonkey 2.10 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - requires NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - update to Seamonkey 2.9.1 * fix regressions - POP3 filters (bmo#748090) - Message Body not loaded when using "Fetch Headers Only" (bmo#748865) - Received messages contain parts of other messages with movemail account (bmo#748726) - New mail notification issue (bmo#748997) - crash in nsMsgDatabase::MatchDbName (bmo#748432) - fixed build with gcc 4.7 Changes in mozilla-nss: - update to 3.13.5 RTM - update to 3.13.4 RTM * fixed some bugs * fixed cert verification regression in PKIX mode (bmo#737802) introduced in 3.13.2 Changes in xulrunner: - update to 13.0 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - require NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - reenabled crashreporter for Factory/12.2 (fixed in mozilla-gcc47.patch)

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 12.1: zypper in -t patch openSUSE-2012-333 - openSUSE 11.4: zypper in -t patch openSUSE-2012-333 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE 12.1 (i586 ia64 x86_64): mozilla-nss-debugsource-3.13.5-9.16.1 xulrunner-debugsource-13.0-2.29.2 - openSUSE 12.1 (i586 x86_64): MozillaFirefox-13.0-2.30.1 MozillaFirefox-branding-upstream-13.0-2.30.1 MozillaFirefox-buildsymbols-13.0-2.30.1 MozillaFirefox-debuginfo-13.0-2.30.1 MozillaFirefox-debugsource-13.0-2.30.1 MozillaFirefox-devel-13.0-2.30.1 MozillaFirefox-translations-common-13.0-2.30.1 MozillaFirefox-translations-other-13.0-2.30.1 MozillaThunderbird-13.0-33.23.2 MozillaThunderbird-buildsymbols-13.0-33.23.2 MozillaThunderbird-debuginfo-13.0-33.23.2 MozillaThunderbird-debugsource-13.0-33.23.2 MozillaThunderbird-devel-13.0-33.23.2 MozillaThunderbird-translations-common-13.0-33.23.2 MozillaThunderbird-translations-other-13.0-33.23.2 chmsee-1.99.08-2.18.3 chmsee-debuginfo-1.99.08-2.18.3 chmsee-debugsource-1.99.08-2.18.3 enigmail-1.4.2+13.0-33.23.2 enigmail-debuginfo-1.4.2+13.0-33.23.2 libfreebl3-3.13.5-9.16.1 libfreebl3-debuginfo-3.13.5-9.16.1 libsoftokn3-3.13.5-9.16.1 libsoftokn3-debuginfo-3.13.5-9.16.1 mozilla-js-13.0-2.29.2 mozilla-js-debuginfo-13.0-2.29.2 mozilla-nss-3.13.5-9.16.1 mozilla-nss-certs-3.13.5-9.16.1 mozilla-nss-certs-debuginfo-3.13.5-9.16.1 mozilla-nss-debuginfo-3.13.5-9.16.1 mozilla-nss-devel-3.13.5-9.16.1 mozilla-nss-sysinit-3.13.5-9.16.1 mozilla-nss-sysinit-debuginfo-3.13.5-9.16.1 mozilla-nss-tools-3.13.5-9.16.1 mozilla-nss-tools-debuginfo-3.13.5-9.16.1 seamonkey-2.10-2.21.2 seamonkey-debuginfo-2.10-2.21.2 seamonkey-debugsource-2.10-2.21.2 seamonkey-dom-inspector-2.10-2.21.2 seamonkey-irc-2.10-2.21.2 seamonkey-translations-common-2.10-2.21.2 seamonkey-translations-other-2.10-2.21.2 seamonkey-venkman-2.10-2.21.2 xulrunner-13.0-2.29.2 xulrunner-buildsymbols-13.0-2.29.2 xulrunner-debuginfo-13.0-2.29.2 xulrunner-devel-13.0-2.29.2 xulrunner-devel-debuginfo-13.0-2.29.2 - openSUSE 12.1 (x86_64): libfreebl3-32bit-3.13.5-9.16.1 libfreebl3-debuginfo-32bit-3.13.5-9.16.1 libsoftokn3-32bit-3.13.5-9.16.1 libsoftokn3-debuginfo-32bit-3.13.5-9.16.1 mozilla-js-32bit-13.0-2.29.2 mozilla-js-debuginfo-32bit-13.0-2.29.2 mozilla-nss-32bit-3.13.5-9.16.1 mozilla-nss-certs-32bit-3.13.5-9.16.1 mozilla-nss-certs-debuginfo-32bit-3.13.5-9.16.1 mozilla-nss-debuginfo-32bit-3.13.5-9.16.1 mozilla-nss-sysinit-32bit-3.13.5-9.16.1 mozilla-nss-sysinit-debuginfo-32bit-3.13.5-9.16.1 xulrunner-32bit-13.0-2.29.2 xulrunner-debuginfo-32bit-13.0-2.29.2 - openSUSE 12.1 (ia64): libfreebl3-debuginfo-x86-3.13.5-9.16.1 libfreebl3-debuginfo-x86-debuginfo-3.13.5-9.16.1 libfreebl3-x86-3.13.5-9.16.1 libsoftokn3-debuginfo-x86-3.13.5-9.16.1 libsoftokn3-debuginfo-x86-debuginfo-3.13.5-9.16.1 libsoftokn3-x86-3.13.5-9.16.1 mozilla-js-debuginfo-x86-13.0-2.29.2 mozilla-js-debuginfo-x86-debuginfo-13.0-2.29.2 mozilla-js-x86-13.0-2.29.2 mozilla-nss-certs-debuginfo-x86-3.13.5-9.16.1 mozilla-nss-certs-debuginfo-x86-debuginfo-3.13.5-9.16.1 mozilla-nss-certs-x86-3.13.5-9.16.1 mozilla-nss-debuginfo-x86-3.13.5-9.16.1 mozilla-nss-debuginfo-x86-debuginfo-3.13.5-9.16.1 mozilla-nss-sysinit-debuginfo-x86-3.13.5-9.16.1 mozilla-nss-sysinit-debuginfo-x86-debuginfo-3.13.5-9.16.1 mozilla-nss-sysinit-x86-3.13.5-9.16.1 mozilla-nss-x86-3.13.5-9.16.1 xulrunner-debuginfo-x86-13.0-2.29.2 xulrunner-debuginfo-x86-debuginfo-13.0-2.29.2 xulrunner-x86-13.0-2.29.2 - openSUSE 11.4 (i586 ia64 x86_64): mozilla-nss-debugsource-3.13.5-44.1 - openSUSE 11.4 (i586 x86_64): MozillaFirefox-13.0-25.2 MozillaFirefox-branding-upstream-13.0-25.2 MozillaFirefox-buildsymbols-13.0-25.2 MozillaFirefox-debuginfo-13.0-25.2 MozillaFirefox-debugsource-13.0-25.2 MozillaFirefox-devel-13.0-25.2 MozillaFirefox-translations-common-13.0-25.2 MozillaFirefox-translations-other-13.0-25.2 MozillaThunderbird-13.0-21.2 MozillaThunderbird-buildsymbols-13.0-21.2 MozillaThunderbird-debuginfo-13.0-21.2 MozillaThunderbird-debugsource-13.0-21.2 MozillaThunderbird-devel-13.0-21.2 MozillaThunderbird-translations-common-13.0-21.2 MozillaThunderbird-translations-other-13.0-21.2 enigmail-1.4.2+13.0-21.2 enigmail-debuginfo-1.4.2+13.0-21.2 libfreebl3-3.13.5-44.1 libfreebl3-debuginfo-3.13.5-44.1 libsoftokn3-3.13.5-44.1 libsoftokn3-debuginfo-3.13.5-44.1 mozilla-nss-3.13.5-44.1 mozilla-nss-certs-3.13.5-44.1 mozilla-nss-certs-debuginfo-3.13.5-44.1 mozilla-nss-debuginfo-3.13.5-44.1 mozilla-nss-devel-3.13.5-44.1 mozilla-nss-sysinit-3.13.5-44.1 mozilla-nss-sysinit-debuginfo-3.13.5-44.1 mozilla-nss-tools-3.13.5-44.1 mozilla-nss-tools-debuginfo-3.13.5-44.1 seamonkey-2.10-21.2 seamonkey-debuginfo-2.10-21.2 seamonkey-debugsource-2.10-21.2 seamonkey-dom-inspector-2.10-21.2 seamonkey-irc-2.10-21.2 seamonkey-translations-common-2.10-21.2 seamonkey-translations-other-2.10-21.2 seamonkey-venkman-2.10-21.2 - openSUSE 11.4 (x86_64): libfreebl3-32bit-3.13.5-44.1 libfreebl3-debuginfo-32bit-3.13.5-44.1 libsoftokn3-32bit-3.13.5-44.1 libsoftokn3-debuginfo-32bit-3.13.5-44.1 mozilla-nss-32bit-3.13.5-44.1 mozilla-nss-certs-32bit-3.13.5-44.1 mozilla-nss-certs-debuginfo-32bit-3.13.5-44.1 mozilla-nss-debuginfo-32bit-3.13.5-44.1 mozilla-nss-sysinit-32bit-3.13.5-44.1 mozilla-nss-sysinit-debuginfo-32bit-3.13.5-44.1 - openSUSE 11.4 (ia64): libfreebl3-debuginfo-x86-3.13.5-44.1 libfreebl3-debuginfo-x86-debuginfo-3.13.5-44.1 libfreebl3-x86-3.13.5-44.1 libsoftokn3-debuginfo-x86-3.13.5-44.1 libsoftokn3-debuginfo-x86-debuginfo-3.13.5-44.1 libsoftokn3-x86-3.13.5-44.1 mozilla-nss-certs-debuginfo-x86-3.13.5-44.1 mozilla-nss-certs-debuginfo-x86-debuginfo-3.13.5-44.1 mozilla-nss-certs-x86-3.13.5-44.1 mozilla-nss-debuginfo-x86-3.13.5-44.1 mozilla-nss-debuginfo-x86-debuginfo-3.13.5-44.1 mozilla-nss-sysinit-debuginfo-x86-3.13.5-44.1 mozilla-nss-sysinit-debuginfo-x86-debuginfo-3.13.5-44.1 mozilla-nss-sysinit-x86-3.13.5-44.1 mozilla-nss-x86-3.13.5-44.1


References

https://www.suse.com/security/cve/CVE-2011-3101.html https://www.suse.com/security/cve/CVE-2012-0441.html https://www.suse.com/security/cve/CVE-2012-1937.html https://www.suse.com/security/cve/CVE-2012-1938.html https://www.suse.com/security/cve/CVE-2012-1940.html https://www.suse.com/security/cve/CVE-2012-1941.html https://www.suse.com/security/cve/CVE-2012-1944.html https://www.suse.com/security/cve/CVE-2012-1945.html https://www.suse.com/security/cve/CVE-2012-1946.html https://www.suse.com/security/cve/CVE-2012-1947.html https://bugzilla.novell.com/765204


Severity
Announcement ID: openSUSE-SU-2012:0760-1
Rating: important
Affected Products: openSUSE 12.1 openSUSE 11.4 .

Related News

Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered
Open Source Strategies for Enhancing Security in Digital Business Operations
5 - 9 min read
Digital transformation, powered by the principles of open-source security , is vital for businesses looking to excel in today's technology-driven
Microsoft Update Mayhem: Rescuing Linux Dual-Boot Systems from Secure Boot Woes
2 - 4 min read
Microsoft's recent patch, intended to strengthen Secure Boot defenses, has resulted in an unexpected setback for Linux-Windows dual-boot setups

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved