openSUSE 12.2/12.3: 2013:1348-1 Important: Mozilla Software Update
opensuse
August 16, 2013
An update that fixes 11 vulnerabilities is now available
Description
Changes in seamonkey:
- update to SeaMonkey 2.20 (bnc#833389)
* MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous
memory safety hazards
* MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free
mutating DOM during SetBody
* MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer
underflow when generating CRMF requests
* MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during
WAV audio file decoding
* MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI
misrepresentation and masquerading
* MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests
allow for code execution and XSS attacks
* MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of
XrayWrappers using XBL Scopes
* MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal
used for validating URI for some Javascript components
* MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin
bypass with web workers and XMLHttpRequest
* MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
Local...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 12.3:
zypper in -t patch openSUSE-2013-652
- openSUSE 12.2:
zypper in -t patch openSUSE-2013-652
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 12.3 (i586 x86_64):
MozillaFirefox-23.0-1.29.1
MozillaFirefox-branding-upstream-23.0-1.29.1
MozillaFirefox-buildsymbols-23.0-1.29.1
MozillaFirefox-debuginfo-23.0-1.29.1
MozillaFirefox-debugsource-23.0-1.29.1
MozillaFirefox-devel-23.0-1.29.1
MozillaFirefox-translations-common-23.0-1.29.1
MozillaFirefox-translations-other-23.0-1.29.1
MozillaThunderbird-17.0.8-61.21.2
MozillaThunderbird-buildsymbols-17.0.8-61.21.2
MozillaThunderbird-debuginfo-17.0.8-61.21.2
MozillaThunderbird-debugsource-17.0.8-61.21.2
MozillaThunderbird-devel-17.0.8-61.21.2
MozillaThunderbird-devel-debuginfo-17.0.8-61.21.2
MozillaThunderbird-translations-common-17.0.8-61.21.2
MozillaThunderbird-translations-other-17.0.8-61.21.2
enigmail-1.5.2+17.0.8-61.21.2
enigmail-debuginfo-1.5.2+17.0.8-61.21.2
libfreebl3-3.15.1-1.12.1
libfreebl3-debuginfo-3.15.1-1.12.1
libsoftokn3-3.15.1-1.12.1
libsoftokn3-debuginfo-3.15.1-1.12.1
mozilla-js-17.0.8-1.24.1
mozilla-js-debuginfo-17.0.8-1.24.1
mozilla-nspr-4.10-1.14.1
mozilla-nspr-debuginfo-4.10-1.14.1
mo...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2013-1701.html
https://www.suse.com/security/cve/CVE-2013-1702.html
https://www.suse.com/security/cve/CVE-2013-1704.html
https://www.suse.com/security/cve/CVE-2013-1705.html
https://www.suse.com/security/cve/CVE-2013-1708.html
https://www.suse.com/security/cve/CVE-2013-1709.html
https://www.suse.com/security/cve/CVE-2013-1710.html
https://www.suse.com/security/cve/CVE-2013-1711.html
https://www.suse.com/security/cve/CVE-2013-1713.html
https://www.suse.com/security/cve/CVE-2013-1714.html
https://www.suse.com/security/cve/CVE-2013-1717.html
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2013:1348-1
Rating: important
Affected Products:
openSUSE 12.3
openSUSE 12.2
.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!