openSUSE: 2016:0731-1 Important: MozillaFirefox Security Issues
opensuse
March 12, 2016
An update that fixes 40 vulnerabilities is now available
Description
This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the
following issues:
MozillaFirefox was updated to Firefox 45.0 (boo#969894)
* requires NSPR 4.12 / NSS 3.21.1
* Instant browser tab sharing through Hello
* Synced Tabs button in button bar
* Tabs synced via Firefox Accounts from other devices are now shown in
dropdown area of Awesome Bar when searching
* Introduce a new preference (network.dns.blockDotOnion) to allow blocking
.onion at the DNS level
* Tab Groups (Panorama) feature removed
* MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety
hazards
* MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and
potential privilege escalation through CSP reports
* MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip
location information for embedded iframe pages
* MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with
Intel drivers * MFSA...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2016-332=1
- openSUSE 13.2:
zypper in -t patch openSUSE-2016-332=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE Leap 42.1 (i586 x86_64):
MozillaFirefox-45.0-18.1
MozillaFirefox-branding-upstream-45.0-18.1
MozillaFirefox-buildsymbols-45.0-18.1
MozillaFirefox-debuginfo-45.0-18.1
MozillaFirefox-debugsource-45.0-18.1
MozillaFirefox-devel-45.0-18.1
MozillaFirefox-translations-common-45.0-18.1
MozillaFirefox-translations-other-45.0-18.1
libfreebl3-3.21.1-12.1
libfreebl3-debuginfo-3.21.1-12.1
libsoftokn3-3.21.1-12.1
libsoftokn3-debuginfo-3.21.1-12.1
mozilla-nspr-4.12-10.1
mozilla-nspr-debuginfo-4.12-10.1
mozilla-nspr-debugsource-4.12-10.1
mozilla-nspr-devel-4.12-10.1
mozilla-nss-3.21.1-12.1
mozilla-nss-certs-3.21.1-12.1
mozilla-nss-certs-debuginfo-3.21.1-12.1
mozilla-nss-debuginfo-3.21.1-12.1
mozilla-nss-debugsource-3.21.1-12.1
mozilla-nss-devel-3.21.1-12.1
mozilla-nss-sysinit-3.21.1-12.1
mozilla-nss-sysinit-debuginfo-3.21.1-12.1
mozilla-nss-tools-3.21.1-12.1
mozilla-nss-tools-debuginfo-3.21.1-12.1
- openSUSE Leap 42.1 (x86_64):
libfreebl3-32bit-3.21.1-12.1
libfreebl3-debuginfo-32bit-3.21.1-12.1
libsoftokn3-32bit-3.21.1-...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2016-1950.html
https://www.suse.com/security/cve/CVE-2016-1952.html
https://www.suse.com/security/cve/CVE-2016-1953.html
https://www.suse.com/security/cve/CVE-2016-1954.html
https://www.suse.com/security/cve/CVE-2016-1955.html
https://www.suse.com/security/cve/CVE-2016-1956.html
https://www.suse.com/security/cve/CVE-2016-1957.html
https://www.suse.com/security/cve/CVE-2016-1958.html
https://www.suse.com/security/cve/CVE-2016-1959.html
https://www.suse.com/security/cve/CVE-2016-1960.html
https://www.suse.com/security/cve/CVE-2016-1961.html
https://www.suse.com/security/cve/CVE-2016-1962.html
https://www.suse.com/security/cve/CVE-2016-1963.html
https://www.suse.com/security/cve/CVE-2016-1964.html
https://www.suse.com/security/cve/CVE-2016-1965.html
https://www.suse.com/security/cve/CVE-2016-1966.html
https://www.suse.com/security/cve/CVE-2016-1967.html
https://www.suse.com/security/cve/CVE-2016-1968.html
https://www.suse.com/security/cve/CVE-2016-1970.html
https://www....
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2016:0731-1
Rating: important
Affected Products:
openSUSE Leap 42.1
openSUSE 13.2
.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!