openSUSE 13.1 Important Security Update: MozillaFirefox 40.0 Fixes
opensuse
August 14, 2015
An update that fixes 21 vulnerabilities is now available
Description
- update to Firefox 40.0 (bnc#940806)
* Added protection against unwanted software downloads
* Suggested Tiles show sites of interest, based on categories from your
recent browsing history
* Hello allows adding a link to conversations to provide context
on what the conversation will be about
* New style for add-on manager based on the in-content preferences style
* Improved scrolling, graphics, and video playback performance with off
main thread compositing (GNU/Linux only)
* Graphic blocklist mechanism improved: Firefox version ranges can be
specified, limiting the number of devices blocked security fixes:
* MFSA 2015-79/CVE-2015-4473/CVE-2015-4474 Miscellaneous memory safety
hazards
* MFSA 2015-80/CVE-2015-4475 (bmo#1175396) Out-of-bounds read with
malformed MP3 file
* MFSA 2015-81/CVE-2015-4477 (bmo#1179484) Use-after-free in MediaStream
playback
* MFSA 2015-82/CVE-2015-4478...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch openSUSE-2015-547=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 13.1 (i586 x86_64):
MozillaFirefox-40.0-82.1
MozillaFirefox-branding-openSUSE-40-2.3.1
MozillaFirefox-branding-upstream-40.0-82.1
MozillaFirefox-buildsymbols-40.0-82.1
MozillaFirefox-debuginfo-40.0-82.1
MozillaFirefox-debugsource-40.0-82.1
MozillaFirefox-devel-40.0-82.1
MozillaFirefox-translations-common-40.0-82.1
MozillaFirefox-translations-other-40.0-82.1
References
https://www.suse.com/security/cve/CVE-2015-4473.html
https://www.suse.com/security/cve/CVE-2015-4474.html
https://www.suse.com/security/cve/CVE-2015-4475.html
https://www.suse.com/security/cve/CVE-2015-4477.html
https://www.suse.com/security/cve/CVE-2015-4478.html
https://www.suse.com/security/cve/CVE-2015-4479.html
https://www.suse.com/security/cve/CVE-2015-4480.html
https://www.suse.com/security/cve/CVE-2015-4481.html
https://www.suse.com/security/cve/CVE-2015-4482.html
https://www.suse.com/security/cve/CVE-2015-4483.html
https://www.suse.com/security/cve/CVE-2015-4484.html
https://www.suse.com/security/cve/CVE-2015-4485.html
https://www.suse.com/security/cve/CVE-2015-4486.html
https://www.suse.com/security/cve/CVE-2015-4487.html
https://www.suse.com/security/cve/CVE-2015-4488.html
https://www.suse.com/security/cve/CVE-2015-4489.html
https://www.suse.com/security/cve/CVE-2015-4490.html
https://www.suse.com/security/cve/CVE-2015-4491.html
https://www.suse.com/security/cve/CVE-2015-4492.html
https://www....
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2015:1390-1
Rating: important
Affected Products:
openSUSE 13.1
.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!