SUSE: 2015:1504-1 Important Update: MozillaFirefox Fixes Severe Issues
suse
September 7, 2015
An update that solves two vulnerabilities and has one An update that solves two vulnerabilities and has one An update that solves two vulnerabilities and has one errata is now avai...
Summary
Mozilla Firefox was updated to 38.2.1 ESR, fixing two severe security bugs. (bsc#943608) * MFSA 2015-94/CVE-2015-4497 (bsc#943557): Use-after-free when resizing canvas element during restyling * MFSA 2015-95/CVE-2015-4498 (bsc#943558): Add-on notification bypass through data URLs Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-firefox-20150831-12071=1 - SUSE Linux Enterprise Server 11-SP1-LTSS: zypper in -t patch slessp1-firefox-20150831-12071=1 - SUSE Linux Enterprise Debuginfo 11-SP2: zypper in -t patch dbgsp2-firefox-20150831-12071=1 - SUSE Linux Enterprise Debuginfo 11-SP1:
References
#943557 #943558 #943608
Cross- CVE-2015-4497 CVE-2015-4498
Affected Products:
SUSE Linux Enterprise Server 11-SP2-LTSS
SUSE Linux Enterprise Server 11-SP1-LTSS
SUSE Linux Enterprise Debuginfo 11-SP2
SUSE Linux Enterprise Debuginfo 11-SP1
https://www.suse.com/security/cve/CVE-2015-4497.html
https://www.suse.com/security/cve/CVE-2015-4498.html
https://bugzilla.suse.com/show_bug.cgi?id=943557
https://bugzilla.suse.com/show_bug.cgi?id=943558
https://bugzilla.suse.com/show_bug.cgi?id=943608
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2015:1504-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!