openSUSE 13.2 & 13.1: 2015:1658-1 Important MozillaFirefox Security Update
opensuse
October 1, 2015
An update that fixes 27 vulnerabilities is now available.
Description
MozillaFirefox was updated to Firefox 41.0 (bnc#947003)
Security issues fixed:
* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety
hazards
* MFSA 2015-97/CVE-2015-4503 (bmo#994337) Memory leak in mozTCPSocket to
servers * MFSA 2015-98/CVE-2015-4504 (bmo#1132467) Out of bounds read in QCMS
library with ICC V4 profile attributes
* MFSA 2015-99/CVE-2015-4476 (bmo#1162372) (Android only) Site attribute
spoofing on Android by pasting URL with unknown scheme
* MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only) Arbitrary file
manipulation by local user through Mozilla updater
* MFSA 2015-101/CVE-2015-4506 (bmo#1192226) Buffer overflow in libvpx
while parsing vp9 format video
* MFSA 2015-102/CVE-2015-4507 (bmo#1192401) Crash when using debugger with
SavedStacks in JavaScript
* MFSA 2015-103/CVE-2015-4508 (bmo#1195976) URL spoofing in reader mode
* MFSA 2015-104/CVE-2015-4510 (bmo#1200004)...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2015-619=1
- openSUSE 13.1:
zypper in -t patch openSUSE-2015-619=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 13.2 (i586 x86_64):
MozillaFirefox-41.0-44.1
MozillaFirefox-branding-upstream-41.0-44.1
MozillaFirefox-buildsymbols-41.0-44.1
MozillaFirefox-debuginfo-41.0-44.1
MozillaFirefox-debugsource-41.0-44.1
MozillaFirefox-devel-41.0-44.1
MozillaFirefox-translations-common-41.0-44.1
MozillaFirefox-translations-other-41.0-44.1
- openSUSE 13.1 (i586 x86_64):
MozillaFirefox-41.0-88.1
MozillaFirefox-branding-upstream-41.0-88.1
MozillaFirefox-buildsymbols-41.0-88.1
MozillaFirefox-debuginfo-41.0-88.1
MozillaFirefox-debugsource-41.0-88.1
MozillaFirefox-devel-41.0-88.1
MozillaFirefox-translations-common-41.0-88.1
MozillaFirefox-translations-other-41.0-88.1
References
https://www.suse.com/security/cve/CVE-2015-4476.html
https://www.suse.com/security/cve/CVE-2015-4500.html
https://www.suse.com/security/cve/CVE-2015-4501.html
https://www.suse.com/security/cve/CVE-2015-4502.html
https://www.suse.com/security/cve/CVE-2015-4503.html
https://www.suse.com/security/cve/CVE-2015-4504.html
https://www.suse.com/security/cve/CVE-2015-4505.html
https://www.suse.com/security/cve/CVE-2015-4506.html
https://www.suse.com/security/cve/CVE-2015-4507.html
https://www.suse.com/security/cve/CVE-2015-4508.html
https://www.suse.com/security/cve/CVE-2015-4509.html
https://www.suse.com/security/cve/CVE-2015-4510.html
https://www.suse.com/security/cve/CVE-2015-4511.html
https://www.suse.com/security/cve/CVE-2015-4512.html
https://www.suse.com/security/cve/CVE-2015-4516.html
https://www.suse.com/security/cve/CVE-2015-4517.html
https://www.suse.com/security/cve/CVE-2015-4519.html
https://www.suse.com/security/cve/CVE-2015-4520.html
https://www.suse.com/security/cve/CVE-2015-4521.html
https://www....
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2015:1658-1
Rating: important
Affected Products:
openSUSE 13.2
openSUSE 13.1
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!