openSUSE 13.1: 2014:0939-1 Important: Mozilla Firefox Critical Update
opensuse
July 30, 2014
An update that fixes 13 vulnerabilities is now available
Description
MozillaFirefox was updated to version 31 to fix various security issues
and bugs:
* MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety
hazards
* MFSA 2014-57/CVE-2014-1549 (bmo#1020205) Buffer overflow during Web
Audio buffering for playback
* MFSA 2014-58/CVE-2014-1550 (bmo#1020411) Use-after-free in Web Audio due
to incorrect control message ordering
* MFSA 2014-60/CVE-2014-1561 (bmo#1000514, bmo#910375) Toolbar dialog
customization event spoofing
* MFSA 2014-61/CVE-2014-1555 (bmo#1023121) Use-after-free with
FireOnStateChange event
* MFSA 2014-62/CVE-2014-1556 (bmo#1028891) Exploitable WebGL crash with
Cesium JavaScript library
* MFSA 2014-63/CVE-2014-1544 (bmo#963150) Use-after-free while when
manipulating certificates in the trusted cache (solved with NSS 3.16.2
requirement)
* MFSA 2014-64/CVE-2014-1557 (bmo#913805) Crash in Skia library when
scaling high quality images
* MFSA...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch openSUSE-2014-
- openSUSE 12.3:
zypper in -t patch openSUSE-2014-
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 13.1 (i586 x86_64):
MozillaFirefox-31.0-33.1
MozillaFirefox-branding-upstream-31.0-33.1
MozillaFirefox-buildsymbols-31.0-33.1
MozillaFirefox-debuginfo-31.0-33.1
MozillaFirefox-debugsource-31.0-33.1
MozillaFirefox-devel-31.0-33.1
MozillaFirefox-translations-common-31.0-33.1
MozillaFirefox-translations-other-31.0-33.1
libfreebl3-3.16.3-27.1
libfreebl3-debuginfo-3.16.3-27.1
libsoftokn3-3.16.3-27.1
libsoftokn3-debuginfo-3.16.3-27.1
mozilla-nss-3.16.3-27.1
mozilla-nss-certs-3.16.3-27.1
mozilla-nss-certs-debuginfo-3.16.3-27.1
mozilla-nss-debuginfo-3.16.3-27.1
mozilla-nss-debugsource-3.16.3-27.1
mozilla-nss-devel-3.16.3-27.1
mozilla-nss-sysinit-3.16.3-27.1
mozilla-nss-sysinit-debuginfo-3.16.3-27.1
mozilla-nss-tools-3.16.3-27.1
mozilla-nss-tools-debuginfo-3.16.3-27.1
- openSUSE 13.1 (x86_64):
libfreebl3-32bit-3.16.3-27.1
libfreebl3-debuginfo-32bit-3.16.3-27.1
libsoftokn3-32bit-3.16.3-27.1
libsoftokn3-debuginfo-32bit-3.16.3-27.1
mozilla-nss-32bit-3.16.3-27.1
mozilla-nss-certs-32bit-3.16.3-27.1
mozilla-nss-certs-d...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2014-1544.html
https://www.suse.com/security/cve/CVE-2014-1547.html
https://www.suse.com/security/cve/CVE-2014-1548.html
https://www.suse.com/security/cve/CVE-2014-1549.html
https://www.suse.com/security/cve/CVE-2014-1550.html
https://www.suse.com/security/cve/CVE-2014-1552.html
https://www.suse.com/security/cve/CVE-2014-1555.html
https://www.suse.com/security/cve/CVE-2014-1556.html
https://www.suse.com/security/cve/CVE-2014-1557.html
https://www.suse.com/security/cve/CVE-2014-1558.html
https://www.suse.com/security/cve/CVE-2014-1559.html
https://www.suse.com/security/cve/CVE-2014-1560.html
https://www.suse.com/security/cve/CVE-2014-1561.html
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2014:0939-1
Rating: important
Affected Products:
openSUSE 13.1
openSUSE 12.3
.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!