openSUSE Security Update: Security update for MozillaFirefox, mozilla-nspr, mozilla-nss
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:0731-1
Rating:             important
References:         #969894 
Cross-References:   CVE-2016-1950 CVE-2016-1952 CVE-2016-1953
                    CVE-2016-1954 CVE-2016-1955 CVE-2016-1956
                    CVE-2016-1957 CVE-2016-1958 CVE-2016-1959
                    CVE-2016-1960 CVE-2016-1961 CVE-2016-1962
                    CVE-2016-1963 CVE-2016-1964 CVE-2016-1965
                    CVE-2016-1966 CVE-2016-1967 CVE-2016-1968
                    CVE-2016-1970 CVE-2016-1971 CVE-2016-1972
                    CVE-2016-1973 CVE-2016-1974 CVE-2016-1975
                    CVE-2016-1976 CVE-2016-1977 CVE-2016-1979
                    CVE-2016-2790 CVE-2016-2791 CVE-2016-2792
                    CVE-2016-2793 CVE-2016-2794 CVE-2016-2795
                    CVE-2016-2796 CVE-2016-2797 CVE-2016-2798
                    CVE-2016-2799 CVE-2016-2800 CVE-2016-2801
                    CVE-2016-2802
Affected Products:
                    openSUSE Leap 42.1
                    openSUSE 13.2
______________________________________________________________________________

   An update that fixes 40 vulnerabilities is now available.

Description:


   This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the
   following issues:

   MozillaFirefox was updated to Firefox 45.0 (boo#969894)
   * requires NSPR 4.12 / NSS 3.21.1
   * Instant browser tab sharing through Hello
   * Synced Tabs button in button bar
   * Tabs synced via Firefox Accounts from other devices are now shown in
     dropdown area of Awesome Bar when searching
   * Introduce a new preference (network.dns.blockDotOnion) to allow blocking
     .onion at the DNS level
   * Tab Groups (Panorama) feature removed
   * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety
     hazards
   * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and
     potential privilege escalation through CSP reports
   * MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip
     location information for embedded iframe pages
   * MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with
     Intel drivers   * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright
     when deleting an array during MP4 processing
   * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be
     overridden
   * MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager
     out-of-bounds read in Service Worker Manager
   * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in
     HTML5 string parser
   * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in
     SetBody
   * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using
     multiple WebRTC data channels
   * MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when
     modifying a file being read by FileReader
   * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML
     transformations
   * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though
     history navigation and Location protocol property
   * MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation
     using perfomance.getEntries and history navigation with session restore
   * MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli
     decompression
   * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with
     malicious NPAPI plugin
     * MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/
       CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found
       through code inspection
   * MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in
     GetStaticInstance in WebRTC
   * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML
     parser following a failed allocation
   * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1
     decoding in NSS (fixed by requiring 3.21.1)
   * MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during
     processing of DER encoded keys in NSS (fixed by requiring 3.21.1)
   * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
     CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
     CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
     CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the
     Graphite 2 library

   mozilla-nspr was updated to version 4.12
   * added a PR_GetEnvSecure function, which attempts to detect if the
     program is being executed with elevated privileges, and returns NULL if
     detected. It is recommended to use this function in general purpose
     library code.
   * fixed a memory allocation bug related to the PR_*printf functions
   * exported API PR_DuplicateEnvironment, which had already been added in
     NSPR 4.10.9
   * added support for FreeBSD aarch64
   * several minor correctness and compatibility fixes

   mozilla-nss was updated to NSS 3.21.1 (bmo#969894)
   * required for Firefox 45.0
   * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1
     decoding in NSS (fixed by requiring 3.21.1)
   * MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during
     processing of DER encoded keys in NSS (fixed by requiring 3.21.1)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2016-332=1

   - openSUSE 13.2:

      zypper in -t patch openSUSE-2016-332=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE Leap 42.1 (i586 x86_64):

      MozillaFirefox-45.0-18.1
      MozillaFirefox-branding-upstream-45.0-18.1
      MozillaFirefox-buildsymbols-45.0-18.1
      MozillaFirefox-debuginfo-45.0-18.1
      MozillaFirefox-debugsource-45.0-18.1
      MozillaFirefox-devel-45.0-18.1
      MozillaFirefox-translations-common-45.0-18.1
      MozillaFirefox-translations-other-45.0-18.1
      libfreebl3-3.21.1-12.1
      libfreebl3-debuginfo-3.21.1-12.1
      libsoftokn3-3.21.1-12.1
      libsoftokn3-debuginfo-3.21.1-12.1
      mozilla-nspr-4.12-10.1
      mozilla-nspr-debuginfo-4.12-10.1
      mozilla-nspr-debugsource-4.12-10.1
      mozilla-nspr-devel-4.12-10.1
      mozilla-nss-3.21.1-12.1
      mozilla-nss-certs-3.21.1-12.1
      mozilla-nss-certs-debuginfo-3.21.1-12.1
      mozilla-nss-debuginfo-3.21.1-12.1
      mozilla-nss-debugsource-3.21.1-12.1
      mozilla-nss-devel-3.21.1-12.1
      mozilla-nss-sysinit-3.21.1-12.1
      mozilla-nss-sysinit-debuginfo-3.21.1-12.1
      mozilla-nss-tools-3.21.1-12.1
      mozilla-nss-tools-debuginfo-3.21.1-12.1

   - openSUSE Leap 42.1 (x86_64):

      libfreebl3-32bit-3.21.1-12.1
      libfreebl3-debuginfo-32bit-3.21.1-12.1
      libsoftokn3-32bit-3.21.1-12.1
      libsoftokn3-debuginfo-32bit-3.21.1-12.1
      mozilla-nspr-32bit-4.12-10.1
      mozilla-nspr-debuginfo-32bit-4.12-10.1
      mozilla-nss-32bit-3.21.1-12.1
      mozilla-nss-certs-32bit-3.21.1-12.1
      mozilla-nss-certs-debuginfo-32bit-3.21.1-12.1
      mozilla-nss-debuginfo-32bit-3.21.1-12.1
      mozilla-nss-sysinit-32bit-3.21.1-12.1
      mozilla-nss-sysinit-debuginfo-32bit-3.21.1-12.1

   - openSUSE 13.2 (i586 x86_64):

      MozillaFirefox-45.0-65.1
      MozillaFirefox-branding-upstream-45.0-65.1
      MozillaFirefox-buildsymbols-45.0-65.1
      MozillaFirefox-debuginfo-45.0-65.1
      MozillaFirefox-debugsource-45.0-65.1
      MozillaFirefox-devel-45.0-65.1
      MozillaFirefox-translations-common-45.0-65.1
      MozillaFirefox-translations-other-45.0-65.1
      libfreebl3-3.21.1-28.1
      libfreebl3-debuginfo-3.21.1-28.1
      libsoftokn3-3.21.1-28.1
      libsoftokn3-debuginfo-3.21.1-28.1
      mozilla-nspr-4.12-15.1
      mozilla-nspr-debuginfo-4.12-15.1
      mozilla-nspr-debugsource-4.12-15.1
      mozilla-nspr-devel-4.12-15.1
      mozilla-nss-3.21.1-28.1
      mozilla-nss-certs-3.21.1-28.1
      mozilla-nss-certs-debuginfo-3.21.1-28.1
      mozilla-nss-debuginfo-3.21.1-28.1
      mozilla-nss-debugsource-3.21.1-28.1
      mozilla-nss-devel-3.21.1-28.1
      mozilla-nss-sysinit-3.21.1-28.1
      mozilla-nss-sysinit-debuginfo-3.21.1-28.1
      mozilla-nss-tools-3.21.1-28.1
      mozilla-nss-tools-debuginfo-3.21.1-28.1

   - openSUSE 13.2 (x86_64):

      libfreebl3-32bit-3.21.1-28.1
      libfreebl3-debuginfo-32bit-3.21.1-28.1
      libsoftokn3-32bit-3.21.1-28.1
      libsoftokn3-debuginfo-32bit-3.21.1-28.1
      mozilla-nspr-32bit-4.12-15.1
      mozilla-nspr-debuginfo-32bit-4.12-15.1
      mozilla-nss-32bit-3.21.1-28.1
      mozilla-nss-certs-32bit-3.21.1-28.1
      mozilla-nss-certs-debuginfo-32bit-3.21.1-28.1
      mozilla-nss-debuginfo-32bit-3.21.1-28.1
      mozilla-nss-sysinit-32bit-3.21.1-28.1
      mozilla-nss-sysinit-debuginfo-32bit-3.21.1-28.1


References:

   https://www.suse.com/security/cve/CVE-2016-1950.html
   https://www.suse.com/security/cve/CVE-2016-1952.html
   https://www.suse.com/security/cve/CVE-2016-1953.html
   https://www.suse.com/security/cve/CVE-2016-1954.html
   https://www.suse.com/security/cve/CVE-2016-1955.html
   https://www.suse.com/security/cve/CVE-2016-1956.html
   https://www.suse.com/security/cve/CVE-2016-1957.html
   https://www.suse.com/security/cve/CVE-2016-1958.html
   https://www.suse.com/security/cve/CVE-2016-1959.html
   https://www.suse.com/security/cve/CVE-2016-1960.html
   https://www.suse.com/security/cve/CVE-2016-1961.html
   https://www.suse.com/security/cve/CVE-2016-1962.html
   https://www.suse.com/security/cve/CVE-2016-1963.html
   https://www.suse.com/security/cve/CVE-2016-1964.html
   https://www.suse.com/security/cve/CVE-2016-1965.html
   https://www.suse.com/security/cve/CVE-2016-1966.html
   https://www.suse.com/security/cve/CVE-2016-1967.html
   https://www.suse.com/security/cve/CVE-2016-1968.html
   https://www.suse.com/security/cve/CVE-2016-1970.html
   https://www.suse.com/security/cve/CVE-2016-1971.html
   https://www.suse.com/security/cve/CVE-2016-1972.html
   https://www.suse.com/security/cve/CVE-2016-1973.html
   https://www.suse.com/security/cve/CVE-2016-1974.html
   https://www.suse.com/security/cve/CVE-2016-1975.html
   https://www.suse.com/security/cve/CVE-2016-1976.html
   https://www.suse.com/security/cve/CVE-2016-1977.html
   https://www.suse.com/security/cve/CVE-2016-1979.html
   https://www.suse.com/security/cve/CVE-2016-2790.html
   https://www.suse.com/security/cve/CVE-2016-2791.html
   https://www.suse.com/security/cve/CVE-2016-2792.html
   https://www.suse.com/security/cve/CVE-2016-2793.html
   https://www.suse.com/security/cve/CVE-2016-2794.html
   https://www.suse.com/security/cve/CVE-2016-2795.html
   https://www.suse.com/security/cve/CVE-2016-2796.html
   https://www.suse.com/security/cve/CVE-2016-2797.html
   https://www.suse.com/security/cve/CVE-2016-2798.html
   https://www.suse.com/security/cve/CVE-2016-2799.html
   https://www.suse.com/security/cve/CVE-2016-2800.html
   https://www.suse.com/security/cve/CVE-2016-2801.html
   https://www.suse.com/security/cve/CVE-2016-2802.html
   https://bugzilla.suse.com/969894

openSUSE: 2016:0731-1: important: MozillaFirefox, mozilla-nspr, mozilla-nss

March 12, 2016
An update that fixes 40 vulnerabilities is now available

Description

This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues: MozillaFirefox was updated to Firefox 45.0 (boo#969894) * requires NSPR 4.12 / NSS 3.21.1 * Instant browser tab sharing through Hello * Synced Tabs button in button bar * Tabs synced via Firefox Accounts from other devices are now shown in dropdown area of Awesome Bar when searching * Introduce a new preference (network.dns.blockDotOnion) to allow blocking .onion at the DNS level * Tab Groups (Panorama) feature removed * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and potential privilege escalation through CSP reports * MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip location information for embedded iframe pages * MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with Intel drivers * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright when deleting an array during MP4 processing * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be overridden * MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager out-of-bounds read in Service Worker Manager * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in HTML5 string parser * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in SetBody * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using multiple WebRTC data channels * MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when modifying a file being read by FileReader * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML transformations * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though history navigation and Location protocol property * MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation using perfomance.getEntries and history navigation with session restore * MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli decompression * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with malicious NPAPI plugin * MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/ CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found through code inspection * MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in GetStaticInstance in WebRTC * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML parser following a failed allocation * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1 decoding in NSS (fixed by requiring 3.21.1) * MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during processing of DER encoded keys in NSS (fixed by requiring 3.21.1) * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the Graphite 2 library mozilla-nspr was updated to version 4.12 * added a PR_GetEnvSecure function, which attempts to detect if the program is being executed with elevated privileges, and returns NULL if detected. It is recommended to use this function in general purpose library code. * fixed a memory allocation bug related to the PR_*printf functions * exported API PR_DuplicateEnvironment, which had already been added in NSPR 4.10.9 * added support for FreeBSD aarch64 * several minor correctness and compatibility fixes mozilla-nss was updated to NSS 3.21.1 (bmo#969894) * required for Firefox 45.0 * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1 decoding in NSS (fixed by requiring 3.21.1) * MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during processing of DER encoded keys in NSS (fixed by requiring 3.21.1)

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-332=1 - openSUSE 13.2: zypper in -t patch openSUSE-2016-332=1 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE Leap 42.1 (i586 x86_64): MozillaFirefox-45.0-18.1 MozillaFirefox-branding-upstream-45.0-18.1 MozillaFirefox-buildsymbols-45.0-18.1 MozillaFirefox-debuginfo-45.0-18.1 MozillaFirefox-debugsource-45.0-18.1 MozillaFirefox-devel-45.0-18.1 MozillaFirefox-translations-common-45.0-18.1 MozillaFirefox-translations-other-45.0-18.1 libfreebl3-3.21.1-12.1 libfreebl3-debuginfo-3.21.1-12.1 libsoftokn3-3.21.1-12.1 libsoftokn3-debuginfo-3.21.1-12.1 mozilla-nspr-4.12-10.1 mozilla-nspr-debuginfo-4.12-10.1 mozilla-nspr-debugsource-4.12-10.1 mozilla-nspr-devel-4.12-10.1 mozilla-nss-3.21.1-12.1 mozilla-nss-certs-3.21.1-12.1 mozilla-nss-certs-debuginfo-3.21.1-12.1 mozilla-nss-debuginfo-3.21.1-12.1 mozilla-nss-debugsource-3.21.1-12.1 mozilla-nss-devel-3.21.1-12.1 mozilla-nss-sysinit-3.21.1-12.1 mozilla-nss-sysinit-debuginfo-3.21.1-12.1 mozilla-nss-tools-3.21.1-12.1 mozilla-nss-tools-debuginfo-3.21.1-12.1 - openSUSE Leap 42.1 (x86_64): libfreebl3-32bit-3.21.1-12.1 libfreebl3-debuginfo-32bit-3.21.1-12.1 libsoftokn3-32bit-3.21.1-12.1 libsoftokn3-debuginfo-32bit-3.21.1-12.1 mozilla-nspr-32bit-4.12-10.1 mozilla-nspr-debuginfo-32bit-4.12-10.1 mozilla-nss-32bit-3.21.1-12.1 mozilla-nss-certs-32bit-3.21.1-12.1 mozilla-nss-certs-debuginfo-32bit-3.21.1-12.1 mozilla-nss-debuginfo-32bit-3.21.1-12.1 mozilla-nss-sysinit-32bit-3.21.1-12.1 mozilla-nss-sysinit-debuginfo-32bit-3.21.1-12.1 - openSUSE 13.2 (i586 x86_64): MozillaFirefox-45.0-65.1 MozillaFirefox-branding-upstream-45.0-65.1 MozillaFirefox-buildsymbols-45.0-65.1 MozillaFirefox-debuginfo-45.0-65.1 MozillaFirefox-debugsource-45.0-65.1 MozillaFirefox-devel-45.0-65.1 MozillaFirefox-translations-common-45.0-65.1 MozillaFirefox-translations-other-45.0-65.1 libfreebl3-3.21.1-28.1 libfreebl3-debuginfo-3.21.1-28.1 libsoftokn3-3.21.1-28.1 libsoftokn3-debuginfo-3.21.1-28.1 mozilla-nspr-4.12-15.1 mozilla-nspr-debuginfo-4.12-15.1 mozilla-nspr-debugsource-4.12-15.1 mozilla-nspr-devel-4.12-15.1 mozilla-nss-3.21.1-28.1 mozilla-nss-certs-3.21.1-28.1 mozilla-nss-certs-debuginfo-3.21.1-28.1 mozilla-nss-debuginfo-3.21.1-28.1 mozilla-nss-debugsource-3.21.1-28.1 mozilla-nss-devel-3.21.1-28.1 mozilla-nss-sysinit-3.21.1-28.1 mozilla-nss-sysinit-debuginfo-3.21.1-28.1 mozilla-nss-tools-3.21.1-28.1 mozilla-nss-tools-debuginfo-3.21.1-28.1 - openSUSE 13.2 (x86_64): libfreebl3-32bit-3.21.1-28.1 libfreebl3-debuginfo-32bit-3.21.1-28.1 libsoftokn3-32bit-3.21.1-28.1 libsoftokn3-debuginfo-32bit-3.21.1-28.1 mozilla-nspr-32bit-4.12-15.1 mozilla-nspr-debuginfo-32bit-4.12-15.1 mozilla-nss-32bit-3.21.1-28.1 mozilla-nss-certs-32bit-3.21.1-28.1 mozilla-nss-certs-debuginfo-32bit-3.21.1-28.1 mozilla-nss-debuginfo-32bit-3.21.1-28.1 mozilla-nss-sysinit-32bit-3.21.1-28.1 mozilla-nss-sysinit-debuginfo-32bit-3.21.1-28.1


References

https://www.suse.com/security/cve/CVE-2016-1950.html https://www.suse.com/security/cve/CVE-2016-1952.html https://www.suse.com/security/cve/CVE-2016-1953.html https://www.suse.com/security/cve/CVE-2016-1954.html https://www.suse.com/security/cve/CVE-2016-1955.html https://www.suse.com/security/cve/CVE-2016-1956.html https://www.suse.com/security/cve/CVE-2016-1957.html https://www.suse.com/security/cve/CVE-2016-1958.html https://www.suse.com/security/cve/CVE-2016-1959.html https://www.suse.com/security/cve/CVE-2016-1960.html https://www.suse.com/security/cve/CVE-2016-1961.html https://www.suse.com/security/cve/CVE-2016-1962.html https://www.suse.com/security/cve/CVE-2016-1963.html https://www.suse.com/security/cve/CVE-2016-1964.html https://www.suse.com/security/cve/CVE-2016-1965.html https://www.suse.com/security/cve/CVE-2016-1966.html https://www.suse.com/security/cve/CVE-2016-1967.html https://www.suse.com/security/cve/CVE-2016-1968.html https://www.suse.com/security/cve/CVE-2016-1970.html https://www.suse.com/security/cve/CVE-2016-1971.html https://www.suse.com/security/cve/CVE-2016-1972.html https://www.suse.com/security/cve/CVE-2016-1973.html https://www.suse.com/security/cve/CVE-2016-1974.html https://www.suse.com/security/cve/CVE-2016-1975.html https://www.suse.com/security/cve/CVE-2016-1976.html https://www.suse.com/security/cve/CVE-2016-1977.html https://www.suse.com/security/cve/CVE-2016-1979.html https://www.suse.com/security/cve/CVE-2016-2790.html https://www.suse.com/security/cve/CVE-2016-2791.html https://www.suse.com/security/cve/CVE-2016-2792.html https://www.suse.com/security/cve/CVE-2016-2793.html https://www.suse.com/security/cve/CVE-2016-2794.html https://www.suse.com/security/cve/CVE-2016-2795.html https://www.suse.com/security/cve/CVE-2016-2796.html https://www.suse.com/security/cve/CVE-2016-2797.html https://www.suse.com/security/cve/CVE-2016-2798.html https://www.suse.com/security/cve/CVE-2016-2799.html https://www.suse.com/security/cve/CVE-2016-2800.html https://www.suse.com/security/cve/CVE-2016-2801.html https://www.suse.com/security/cve/CVE-2016-2802.html https://bugzilla.suse.com/969894


Severity
Announcement ID: openSUSE-SU-2016:0731-1
Rating: important
Affected Products: openSUSE Leap 42.1 openSUSE 13.2 .

Related News

Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is
CISA Sounds Alarm on Newly Exploited Vulnerabilities: Is Your System at Risk?
3 - 5 min read
CISA regularly publishes updates regarding vulnerabilities that present severe threats to global cybersecurity. Recently, CISA added three
Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved