openSUSE: 2012:1345-1 Important: MozillaFirefox Memory Safety Update
opensuse
October 15, 2012
An update that fixes 25 vulnerabilities is now available.
Description
The Mozilla suite received following security updates
(bnc#783533):
Mozilla Firefox was updated to 16.0.1. Mozilla Seamonkey
was updated to 2.13.1. Mozilla Thunderbird was updated to
16.0.1. Mozilla XULRunner was updated to 16.0.1.
* MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous
memory safety hazards
* MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952,
bmo#720619) defaultValue security checks not applied
* MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous
memory safety hazards
* MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element
persistance allows for attacks
* MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued
access to initial origin after setting document.domain
* MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some
DOMWindowUtils methods bypass security checks
* MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash
with full screen and history navigation
* MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with
...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 12.2:
zypper in -t patch openSUSE-2012-709
- openSUSE 12.1:
zypper in -t patch openSUSE-2012-709
- openSUSE 11.4:
zypper in -t patch openSUSE-2012-709
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 12.2 (i586 x86_64):
MozillaFirefox-16.0.1-2.17.1
MozillaFirefox-branding-upstream-16.0.1-2.17.1
MozillaFirefox-buildsymbols-16.0.1-2.17.1
MozillaFirefox-debuginfo-16.0.1-2.17.1
MozillaFirefox-debugsource-16.0.1-2.17.1
MozillaFirefox-devel-16.0.1-2.17.1
MozillaFirefox-translations-common-16.0.1-2.17.1
MozillaFirefox-translations-other-16.0.1-2.17.1
MozillaThunderbird-16.0.1-49.15.1
MozillaThunderbird-buildsymbols-16.0.1-49.15.1
MozillaThunderbird-debuginfo-16.0.1-49.15.1
MozillaThunderbird-debugsource-16.0.1-49.15.1
MozillaThunderbird-devel-16.0.1-49.15.1
MozillaThunderbird-devel-debuginfo-16.0.1-49.15.1
MozillaThunderbird-translations-common-16.0.1-49.15.1
MozillaThunderbird-translations-other-16.0.1-49.15.1
enigmail-1.4.5.+16.0.1-49.15.1
enigmail-debuginfo-1.4.5.+16.0.1-49.15.1
mozilla-js-16.0.1-2.14.1
mozilla-js-debuginfo-16.0.1-2.14.1
mozilla-kde4-integration-0.6.4-10.4.1
mozilla-kde4-integration-debuginfo-0.6.4-10.4.1
mozilla-kde4-integration-debugsource-0.6.4-10.4.1
seamonkey-2.13.1-2.18.1
seam...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2012-3982.html
https://www.suse.com/security/cve/CVE-2012-3983.html
https://www.suse.com/security/cve/CVE-2012-3984.html
https://www.suse.com/security/cve/CVE-2012-3985.html
https://www.suse.com/security/cve/CVE-2012-3986.html
https://www.suse.com/security/cve/CVE-2012-3988.html
https://www.suse.com/security/cve/CVE-2012-3989.html
https://www.suse.com/security/cve/CVE-2012-3990.html
https://www.suse.com/security/cve/CVE-2012-3991.html
https://www.suse.com/security/cve/CVE-2012-3992.html
https://www.suse.com/security/cve/CVE-2012-3993.html
https://www.suse.com/security/cve/CVE-2012-3994.html
https://www.suse.com/security/cve/CVE-2012-3995.html
https://www.suse.com/security/cve/CVE-2012-4179.html
https://www.suse.com/security/cve/CVE-2012-4180.html
https://www.suse.com/security/cve/CVE-2012-4182.html
https://www.suse.com/security/cve/CVE-2012-4183.html
https://www.suse.com/security/cve/CVE-2012-4184.html
https://www.suse.com/security/cve/CVE-2012-4185.html
https://www....
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2012:1345-1
Rating: important
Affected Products:
openSUSE 12.2
openSUSE 12.1
openSUSE 11.4
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!