SUSE: 2012:1351-1 Important: Multiple Security Flaws in Firefox

suse

October 16, 2012

An update that fixes 27 vulnerabilities is now available

Summary

MozillaFirefox was updated to the 10.0.9ESR security release which fixes bugs and security issues: * MFSA 2012-73 / CVE-2012-3977: Security researchers Thai Duong and Juliano Rizzo reported that SPDY's request header compression leads to information leakage, which can allow the extraction of private data such as session cookies, even over an encrypted SSL connection. (This does not affect Firefox 10 as it does not feature the SPDY extension. It was silently fixed for Firefox 15.) * MFSA 2012-74: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

Topics Covered

security advisory patch SUSE memory safety Mozilla Firefox browser update important security issue

References

#783533

Cross- CVE-2012-3977 CVE-2012-3982 CVE-2012-3983

CVE-2012-3984 CVE-2012-3985 CVE-2012-3986

CVE-2012-3987 CVE-2012-3988 CVE-2012-3989

CVE-2012-3990 CVE-2012-3991 CVE-2012-3992

CVE-2012-3993 CVE-2012-3994 CVE-2012-3995

CVE-2012-4179 CVE-2012-4180 CVE-2012-4181

CVE-2012-4182 CVE-2012-4183 CVE-2012-4184

CVE-2012-4185 CVE-2012-4186 CVE-2012-4187

CVE-2012-4188 CVE-2012-4192 CVE-2012-4193

Affected Products:

SUSE Linux Enterprise Server 11 SP2 for VMware

SUSE Linux Enterprise Server 11 SP2

SUSE Linux Enterprise Server 10 SP4

SUSE Linux Enterprise Desktop 11 SP2

SUSE Linux Enterprise Desktop 10 SP4

SLE SDK 10 SP4

https://www.suse.com/security/cve/CVE-2012-3977.html

https://www.suse.com/secu...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2012:1351-1

Rating: important

Topics Covered

security advisory patch SUSE memory safety Mozilla Firefox browser update important security issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2012:1351-1 Important: Multiple Security Flaws in Firefox

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2012:1351-1 Important: Multiple Security Flaws in Firefox

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!