Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2015:1449-1 Important: MozillaFirefox NSS Security Fix

suse
Calendar Grey August 28, 2015
Dist Suse Esm H88
SUSE has rolled out a crucial security update addressing 28 vulnerabilities in both Mozilla Firefox and NSS, delivering significant improvements. Ensure your systems are updated!
An update that fixes 31 vulnerabilities is now available

Summary

Mozilla Firefox is being updated to the current Firefox 38ESR branch (specifically the 38.2.0ESR release). Security issues fixed: - MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file stealing via PDF reader - MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety hazards (rv:40.0 / rv:38.2) - MFSA 2015-80 / CVE-2015-4475: Out-of-bounds read with malformed MP3 file - MFSA 2015-82 / CVE-2015-4478: Redefinition of non-configurable JavaScript object properties - MFSA 2015-83 / CVE-2015-4479: Overflow issues in libstagefright - MFSA 2015-87 / CVE-2015-4484: Crash when using shared memory in JavaScript - MFSA 2015-88 / CVE-2015-4491: Heap overflow in gdk-pixbuf when scaling bitmap images - MFSA 2015-89 / CVE-2015-4485/CVE-2015-4486: Buffer overflows on Libvpx

Topics%20covered

Topics Covered

security advisory update important SUSE Linux system security NSS MozillaFirefox

References

#935033 #935979 #940806 #940918

Cross- CVE-2015-2721 CVE-2015-2722 CVE-2015-2724

CVE-2015-2725 CVE-2015-2726 CVE-2015-2728

CVE-2015-2730 CVE-2015-2733 CVE-2015-2734

CVE-2015-2735 CVE-2015-2736 CVE-2015-2737

CVE-2015-2738 CVE-2015-2739 CVE-2015-2740

CVE-2015-2743 CVE-2015-4000 CVE-2015-4473

CVE-2015-4474 CVE-2015-4475 CVE-2015-4478

CVE-2015-4479 CVE-2015-4484 CVE-2015-4485

CVE-2015-4486 CVE-2015-4487 CVE-2015-4488

CVE-2015-4489 CVE-2015-4491 CVE-2015-4492

CVE-2015-4495

Affected Products:

SUSE Linux Enterprise Server 11-SP2-LTSS

SUSE Linux Enterprise Server 11-SP1-LTSS

SUSE Linux Enterprise Debuginfo 11-SP2

SUSE Linux Enterprise Debuginfo 11-SP1

https://www.suse.com/security/cve/CVE-2015-2721.html

https://www....

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2015:1449-1
Rating: important

Topics%20covered

Topics Covered

security advisory update important SUSE Linux system security NSS MozillaFirefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here