openSUSE Security Update: Security update for seamonkey
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2015:1681-1
Rating:             important
References:         #935979 #947003 
Cross-References:   CVE-2015-4500 CVE-2015-4501 CVE-2015-4502
                    CVE-2015-4503 CVE-2015-4504 CVE-2015-4505
                    CVE-2015-4506 CVE-2015-4507 CVE-2015-4509
                    CVE-2015-4510 CVE-2015-4511 CVE-2015-4512
                    CVE-2015-4516 CVE-2015-4517 CVE-2015-4519
                    CVE-2015-4520 CVE-2015-4521 CVE-2015-4522
                    CVE-2015-7174 CVE-2015-7175 CVE-2015-7176
                    CVE-2015-7177 CVE-2015-7178 CVE-2015-7179
                    CVE-2015-7180
Affected Products:
                    openSUSE 13.2
                    openSUSE 13.1
______________________________________________________________________________

   An update that fixes 25 vulnerabilities is now available.

Description:

   seamonkey was updated to fix 25 security issues.

   These security issues were fixed:
   - CVE-2015-4520: Mozilla Firefox before 41.0 and Firefox ESR 38.x before
     38.3 allowed remote attackers to bypass CORS preflight protection
     mechanisms by leveraging (1) duplicate cache-key generation or (2)
     retrieval of a value from an incorrect HTTP Access-Control-* response
     header (bsc#947003).
   - CVE-2015-4521: The ConvertDialogOptions function in Mozilla Firefox
     before 41.0 and Firefox ESR 38.x before 38.3 might allowed remote
     attackers to cause a denial of service (memory corruption and
     application crash) or possibly have unspecified other impact via unknown
     vectors (bsc#947003).
   - CVE-2015-4522: The nsUnicodeToUTF8::GetMaxLength function in Mozilla
     Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed
     remote attackers to cause a denial of service (memory corruption and
     application crash) or possibly have unspecified other impact via unknown
     vectors, related to an "overflow (bsc#947003).
   - CVE-2015-4502: js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0
     mishandled certain receiver arguments, which allowed remote attackers to
     bypass intended window access restrictions via a crafted web site
     (bsc#947003).
   - CVE-2015-4503: The TCP Socket API implementation in Mozilla Firefox
     before 41.0 mishandled array boundaries that were established with a
     navigator.mozTCPSocket.open method call and send method calls, which
     allowed remote TCP servers to obtain sensitive information from process
     memory by reading packet data, as demonstrated by availability of this
     API in a Firefox OS application (bsc#947003).
   - CVE-2015-4500: Multiple unspecified vulnerabilities in the browser
     engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3
     allowed remote attackers to cause a denial of service (memory corruption
     and application crash) or possibly execute arbitrary code via unknown
     vectors (bsc#947003).
   - CVE-2015-4501: Multiple unspecified vulnerabilities in the browser
     engine in Mozilla Firefox before 41.0 allowed remote attackers to cause
     a denial of service (memory corruption and application crash) or
     possibly execute arbitrary code via unknown vectors (bsc#947003).
   - CVE-2015-4506: Buffer overflow in the vp9_init_context_buffers function
     in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x
     before 38.3, allowed remote attackers to execute arbitrary code via a
     crafted VP9 file (bsc#947003).
   - CVE-2015-4507: The SavedStacks class in the JavaScript implementation in
     Mozilla Firefox before 41.0, when the Debugger API is enabled, allowed
     remote attackers to cause a denial of service (getSlotRef assertion
     failure and application exit) or possibly execute arbitrary code via a
     crafted web site (bsc#947003).
   - CVE-2015-4504: The lut_inverse_interp16 function in the QCMS library in
     Mozilla Firefox before 41.0 allowed remote attackers to obtain sensitive
     information or cause a denial of service (buffer over-read and
     application crash) via crafted attributes in the ICC 4 profile of an
     image (bsc#947003).
   - CVE-2015-4505: updater.exe in Mozilla Firefox before 41.0 and Firefox
     ESR 38.x before 38.3 on Windows allowed local users to write to
     arbitrary files by conducting a junction attack and waiting for an
     update operation by the Mozilla Maintenance Service (bsc#947003).
   - CVE-2015-7180: The ReadbackResultWriterD3D11::Run function in Mozilla
     Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the
     return value of a function call, which might allowed remote attackers to
     cause a denial of service (memory corruption and application crash) or
     possibly have unspecified other impact via unknown vectors (bsc#947003).
   - CVE-2015-4509: Use-after-free vulnerability in the HTMLVideoElement
     interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before
     38.3 allowed remote attackers to execute arbitrary code via crafted
     JavaScript code that modifies the URI table of a media element, aka
     ZDI-CAN-3176 (bsc#947003).
   - CVE-2015-7178: The ProgramBinary::linkAttributes function in libGLES in
     ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x
     before 38.3 on Windows, mishandles shader access, which allowed remote
     attackers to execute arbitrary code or cause a denial of service (memory
     corruption and application crash) via crafted (1) OpenGL or (2) WebGL
     content (bsc#947003).
   - CVE-2015-7179: The VertexBufferInterface::reserveVertexSpace function in
     libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR
     38.x before 38.3 on Windows, incorrectly allocates memory for shader
     attribute arrays, which allowed remote attackers to execute arbitrary
     code or cause a denial of service (buffer overflow and application
     crash) via crafted (1) OpenGL or (2) WebGL content (bsc#947003).
   - CVE-2015-7176: The AnimationThread function in Mozilla Firefox before
     41.0 and Firefox ESR 38.x before 38.3 used an incorrect argument to the
     sscanf function, which might allowed remote attackers to cause a denial
     of service (stack-based buffer overflow and application crash) or
     possibly have unspecified other impact via unknown vectors (bsc#947003).
   - CVE-2015-7177: The InitTextures function in Mozilla Firefox before 41.0
     and Firefox ESR 38.x before 38.3 might allowed remote attackers to cause
     a denial of service (memory corruption and application crash) or
     possibly have unspecified other impact via unknown vectors (bsc#947003).
   - CVE-2015-7174: The nsAttrAndChildArray::GrowBy function in Mozilla
     Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed
     remote attackers to cause a denial of service (memory corruption and
     application crash) or possibly have unspecified other impact via unknown
     vectors, related to an "overflow (bsc#947003).
   - CVE-2015-7175: The XULContentSinkImpl::AddText function in Mozilla
     Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed
     remote attackers to cause a denial of service (memory corruption and
     application crash) or possibly have unspecified other impact via unknown
     vectors, related to an "overflow (bsc#947003).
   - CVE-2015-4511: Heap-based buffer overflow in the
     nestegg_track_codec_data function in Mozilla Firefox before 41.0 and
     Firefox ESR 38.x before 38.3 allowed remote attackers to execute
     arbitrary code via a crafted header in a WebM video (bsc#947003).
   - CVE-2015-4510: Race condition in the WorkerPrivate::NotifyFeatures
     function in Mozilla Firefox before 41.0 allowed remote attackers to
     execute arbitrary code or cause a denial of service (use-after-free and
     application crash) by leveraging improper interaction between shared
     workers and the IndexedDB implementation (bsc#947003).
   - CVE-2015-4512: gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before
     41.0 on Linux improperly attempts to use the Cairo library with 32-bit
     color-depth surface creation followed by 16-bit color-depth surface
     display, which allowed remote attackers to obtain sensitive information
     from process memory or cause a denial of service (out-of-bounds read) by
     using a CANVAS element to trigger 2D rendering (bsc#947003).
   - CVE-2015-4517: NetworkUtils.cpp in Mozilla Firefox before 41.0 and
     Firefox ESR 38.x before 38.3 might allowed remote attackers to cause a
     denial of service (memory corruption and application crash) or possibly
     have unspecified other impact via unknown vectors (bsc#947003).
   - CVE-2015-4516: Mozilla Firefox before 41.0 allowed remote attackers to
     bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and
     modify immutable properties, and consequently execute arbitrary
     JavaScript code with chrome privileges, via a crafted web page that did
     not use ES5 APIs (bsc#947003).
   - CVE-2015-4519: Mozilla Firefox before 41.0 and Firefox ESR 38.x before
     38.3 allowed user-assisted remote attackers to bypass intended access
     restrictions and discover a redirect's target URL via crafted JavaScript
     code that executes after a drag-and-drop action of an image into a
     TEXTBOX element (bsc#947003).


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.2:

      zypper in -t patch openSUSE-2015-632=1

   - openSUSE 13.1:

      zypper in -t patch openSUSE-2015-632=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 13.2 (i586 x86_64):

      seamonkey-2.38-20.2
      seamonkey-debuginfo-2.38-20.2
      seamonkey-debugsource-2.38-20.2
      seamonkey-dom-inspector-2.38-20.2
      seamonkey-irc-2.38-20.2
      seamonkey-translations-common-2.38-20.2
      seamonkey-translations-other-2.38-20.2

   - openSUSE 13.1 (i586 x86_64):

      seamonkey-2.38-56.1
      seamonkey-debuginfo-2.38-56.1
      seamonkey-debugsource-2.38-56.1
      seamonkey-dom-inspector-2.38-56.1
      seamonkey-irc-2.38-56.1
      seamonkey-translations-common-2.38-56.1
      seamonkey-translations-other-2.38-56.1


References:

   https://www.suse.com/security/cve/CVE-2015-4500.html
   https://www.suse.com/security/cve/CVE-2015-4501.html
   https://www.suse.com/security/cve/CVE-2015-4502.html
   https://www.suse.com/security/cve/CVE-2015-4503.html
   https://www.suse.com/security/cve/CVE-2015-4504.html
   https://www.suse.com/security/cve/CVE-2015-4505.html
   https://www.suse.com/security/cve/CVE-2015-4506.html
   https://www.suse.com/security/cve/CVE-2015-4507.html
   https://www.suse.com/security/cve/CVE-2015-4509.html
   https://www.suse.com/security/cve/CVE-2015-4510.html
   https://www.suse.com/security/cve/CVE-2015-4511.html
   https://www.suse.com/security/cve/CVE-2015-4512.html
   https://www.suse.com/security/cve/CVE-2015-4516.html
   https://www.suse.com/security/cve/CVE-2015-4517.html
   https://www.suse.com/security/cve/CVE-2015-4519.html
   https://www.suse.com/security/cve/CVE-2015-4520.html
   https://www.suse.com/security/cve/CVE-2015-4521.html
   https://www.suse.com/security/cve/CVE-2015-4522.html
   https://www.suse.com/security/cve/CVE-2015-7174.html
   https://www.suse.com/security/cve/CVE-2015-7175.html
   https://www.suse.com/security/cve/CVE-2015-7176.html
   https://www.suse.com/security/cve/CVE-2015-7177.html
   https://www.suse.com/security/cve/CVE-2015-7178.html
   https://www.suse.com/security/cve/CVE-2015-7179.html
   https://www.suse.com/security/cve/CVE-2015-7180.html
   https://bugzilla.suse.com/935979
   https://bugzilla.suse.com/947003

--

openSUSE: 2015:1681-1: important: seamonkey

October 5, 2015
An update that fixes 25 vulnerabilities is now available.

Description

seamonkey was updated to fix 25 security issues. These security issues were fixed: - CVE-2015-4520: Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allowed remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header (bsc#947003). - CVE-2015-4521: The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors (bsc#947003). - CVE-2015-4522: The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow (bsc#947003). - CVE-2015-4502: js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandled certain receiver arguments, which allowed remote attackers to bypass intended window access restrictions via a crafted web site (bsc#947003). - CVE-2015-4503: The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandled array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allowed remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application (bsc#947003). - CVE-2015-4500: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (bsc#947003). - CVE-2015-4501: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (bsc#947003). - CVE-2015-4506: Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allowed remote attackers to execute arbitrary code via a crafted VP9 file (bsc#947003). - CVE-2015-4507: The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allowed remote attackers to cause a denial of service (getSlotRef assertion failure and application exit) or possibly execute arbitrary code via a crafted web site (bsc#947003). - CVE-2015-4504: The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allowed remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image (bsc#947003). - CVE-2015-4505: updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allowed local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service (bsc#947003). - CVE-2015-7180: The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors (bsc#947003). - CVE-2015-4509: Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allowed remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176 (bsc#947003). - CVE-2015-7178: The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content (bsc#947003). - CVE-2015-7179: The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allowed remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted (1) OpenGL or (2) WebGL content (bsc#947003). - CVE-2015-7176: The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 used an incorrect argument to the sscanf function, which might allowed remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors (bsc#947003). - CVE-2015-7177: The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors (bsc#947003). - CVE-2015-7174: The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow (bsc#947003). - CVE-2015-7175: The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow (bsc#947003). - CVE-2015-4511: Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allowed remote attackers to execute arbitrary code via a crafted header in a WebM video (bsc#947003). - CVE-2015-4510: Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allowed remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation (bsc#947003). - CVE-2015-4512: gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allowed remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering (bsc#947003). - CVE-2015-4517: NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors (bsc#947003). - CVE-2015-4516: Mozilla Firefox before 41.0 allowed remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that did not use ES5 APIs (bsc#947003). - CVE-2015-4519: Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allowed user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element (bsc#947003).

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2015-632=1 - openSUSE 13.1: zypper in -t patch openSUSE-2015-632=1 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE 13.2 (i586 x86_64): seamonkey-2.38-20.2 seamonkey-debuginfo-2.38-20.2 seamonkey-debugsource-2.38-20.2 seamonkey-dom-inspector-2.38-20.2 seamonkey-irc-2.38-20.2 seamonkey-translations-common-2.38-20.2 seamonkey-translations-other-2.38-20.2 - openSUSE 13.1 (i586 x86_64): seamonkey-2.38-56.1 seamonkey-debuginfo-2.38-56.1 seamonkey-debugsource-2.38-56.1 seamonkey-dom-inspector-2.38-56.1 seamonkey-irc-2.38-56.1 seamonkey-translations-common-2.38-56.1 seamonkey-translations-other-2.38-56.1


References

https://www.suse.com/security/cve/CVE-2015-4500.html https://www.suse.com/security/cve/CVE-2015-4501.html https://www.suse.com/security/cve/CVE-2015-4502.html https://www.suse.com/security/cve/CVE-2015-4503.html https://www.suse.com/security/cve/CVE-2015-4504.html https://www.suse.com/security/cve/CVE-2015-4505.html https://www.suse.com/security/cve/CVE-2015-4506.html https://www.suse.com/security/cve/CVE-2015-4507.html https://www.suse.com/security/cve/CVE-2015-4509.html https://www.suse.com/security/cve/CVE-2015-4510.html https://www.suse.com/security/cve/CVE-2015-4511.html https://www.suse.com/security/cve/CVE-2015-4512.html https://www.suse.com/security/cve/CVE-2015-4516.html https://www.suse.com/security/cve/CVE-2015-4517.html https://www.suse.com/security/cve/CVE-2015-4519.html https://www.suse.com/security/cve/CVE-2015-4520.html https://www.suse.com/security/cve/CVE-2015-4521.html https://www.suse.com/security/cve/CVE-2015-4522.html https://www.suse.com/security/cve/CVE-2015-7174.html https://www.suse.com/security/cve/CVE-2015-7175.html https://www.suse.com/security/cve/CVE-2015-7176.html https://www.suse.com/security/cve/CVE-2015-7177.html https://www.suse.com/security/cve/CVE-2015-7178.html https://www.suse.com/security/cve/CVE-2015-7179.html https://www.suse.com/security/cve/CVE-2015-7180.html https://bugzilla.suse.com/935979 https://bugzilla.suse.com/947003--


Severity
Announcement ID: openSUSE-SU-2015:1681-1
Rating: important
Affected Products: openSUSE 13.2 openSUSE 13.1

Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved