openSUSE 11.4: 2014:1100-1 Critical: Firefox 31.1esr Security Update
opensuse
September 9, 2014
An update that fixes 475 vulnerabilities is now available
Description
This patch contains security updates for
* mozilla-nss 3.16.4
- The following 1024-bit root CA certificate was restored to allow more
time to develop a better transition strategy for affected sites. It
was removed in NSS 3.16.3, but discussion in the
mozilla.dev.security.policy forum led to the decision to keep this
root included longer in order to give website administrators more time
to update their web servers.
- CN = GTE CyberTrust Global Root
* In NSS 3.16.3, the 1024-bit "Entrust.net Secure Server Certification
Authority" root CA certificate was removed. In NSS 3.16.4, a 2048-bit
intermediate CA certificate has been included, without explicit trust.
The intention is to mitigate the effects of the previous removal of
the 1024-bit Entrust.net root certificate, because many public
Internet sites still use the "USERTrust Legacy Secure Server CA"
intermediate certificate that is...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch 2014-82
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 11.4 (i586 x86_64):
MozillaFirefox-24.8.0-127.1
MozillaFirefox-branding-upstream-24.8.0-127.1
MozillaFirefox-buildsymbols-24.8.0-127.1
MozillaFirefox-debuginfo-24.8.0-127.1
MozillaFirefox-debugsource-24.8.0-127.1
MozillaFirefox-devel-24.8.0-127.1
MozillaFirefox-translations-common-24.8.0-127.1
MozillaFirefox-translations-other-24.8.0-127.1
libfreebl3-3.16.4-94.1
libfreebl3-debuginfo-3.16.4-94.1
libsoftokn3-3.16.4-94.1
libsoftokn3-debuginfo-3.16.4-94.1
mozilla-nss-3.16.4-94.1
mozilla-nss-certs-3.16.4-94.1
mozilla-nss-certs-debuginfo-3.16.4-94.1
mozilla-nss-debuginfo-3.16.4-94.1
mozilla-nss-debugsource-3.16.4-94.1
mozilla-nss-devel-3.16.4-94.1
mozilla-nss-sysinit-3.16.4-94.1
mozilla-nss-sysinit-debuginfo-3.16.4-94.1
mozilla-nss-tools-3.16.4-94.1
mozilla-nss-tools-debuginfo-3.16.4-94.1
- openSUSE 11.4 (x86_64):
libfreebl3-32bit-3.16.4-94.1
libfreebl3-debuginfo-32bit-3.16.4-94.1
libsoftokn3-32bit-3.16.4-94.1
libsoftokn3-debuginfo-32bit-3.16.4-94.1
mozilla-nss-32bit-3.16.4-94.1
mozilla-nss-certs-32bit-3.16.4...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2007-3089.html
https://www.suse.com/security/cve/CVE-2007-3285.html
https://www.suse.com/security/cve/CVE-2007-3656.html
https://www.suse.com/security/cve/CVE-2007-3670.html
https://www.suse.com/security/cve/CVE-2007-3734.html
https://www.suse.com/security/cve/CVE-2007-3735.html
https://www.suse.com/security/cve/CVE-2007-3736.html
https://www.suse.com/security/cve/CVE-2007-3737.html
https://www.suse.com/security/cve/CVE-2007-3738.html
https://www.suse.com/security/cve/CVE-2008-0016.html
https://www.suse.com/security/cve/CVE-2008-1233.html
https://www.suse.com/security/cve/CVE-2008-1234.html
https://www.suse.com/security/cve/CVE-2008-1235.html
https://www.suse.com/security/cve/CVE-2008-1236.html
https://www.suse.com/security/cve/CVE-2008-1237.html
https://www.suse.com/security/cve/CVE-2008-3835.html
https://www.suse.com/security/cve/CVE-2008-4058.html
https://www.suse.com/security/cve/CVE-2008-4059.html
https://www.suse.com/security/cve/CVE-2008-4060.html
https://www....
Read the Full Advisory
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2014:1100-1
Rating: important
Affected Products:
openSUSE 11.4
.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!