SUSE: 2014:0824-1 Critical: MozillaFirefox Memory Safety Fix
suse
June 21, 2014
An update that fixes 7 vulnerabilities is now available
Summary
MozillaFirefox was updated to version 24.6.0 to fix six security issues:
* Miscellaneous memory safety hazards. (CVE-2014-1533, CVE-2014-1534)
* Use-after-free and out of bounds issues found using Address
Sanitizer. (CVE-2014-1536, CVE-2014-1537, CVE-2014-1538)
* Use-after-free with SMIL Animation Controller. (CVE-2014-1541)
mozilla-nspr was updated to version 4.10.6 to fix one security issue:
* Out of bounds write in NSPR. (CVE-2014-1545)
Further information can be found at
https://www.mozilla.org/en-US/security/advisories/
Topics Covered
References
#881874
Cross- CVE-2014-1533 CVE-2014-1534 CVE-2014-1536
CVE-2014-1537 CVE-2014-1538 CVE-2014-1541
CVE-2014-1545
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 10 SP3 LTSS
SUSE Linux Enterprise Desktop 11 SP3
https://www.suse.com/security/cve/CVE-2014-1533.html
https://www.suse.com/security/cve/CVE-2014-1534.html
https://www.suse.com/security/cve/CVE-2014-1536.html
https://www.suse.com/security/cve/CVE-2014-1537.html
https://www.suse.com/security/cve/CVE-2014-1538.html
https://www.suse.com/security/cve/CVE-2014-1541.html
https://www.suse.com/security/cve/CVE-2014-1545.html
https://scc.suse.com:443/patches/
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2014:0824-1
Rating: important
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!