SUSE: 2015:1528-1 Important: MozillaFirefox NSS Issues Fixed

suse

September 10, 2015

An update that fixes 14 vulnerabilities is now available

Summary

Mozilla Firefox is being updated to the current Firefox 38ESR branch (specifically the 38.2.0ESR release). Security issues fixed: - MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file stealing via PDF reader - MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety hazards (rv:40.0 / rv:38.2) - MFSA 2015-80 / CVE-2015-4475: Out-of-bounds read with malformed MP3 file - MFSA 2015-82 / CVE-2015-4478: Redefinition of non-configurable JavaScript object properties - MFSA 2015-83 / CVE-2015-4479: Overflow issues in libstagefright - MFSA 2015-87 / CVE-2015-4484: Crash when using shared memory in JavaScript - MFSA 2015-88 / CVE-2015-4491: Heap overflow in gdk-pixbuf when scaling bitmap images - MFSA 2015-89 / CVE-2015-4485/CVE-2015-4486: Buffer overflows on Libvpx

Topics Covered

security advisory security issue update important SUSE Linux Mozilla Firefox NSS Library

References

#940806

Cross- CVE-2015-4473 CVE-2015-4474 CVE-2015-4475

CVE-2015-4478 CVE-2015-4479 CVE-2015-4484

CVE-2015-4485 CVE-2015-4486 CVE-2015-4487

CVE-2015-4488 CVE-2015-4489 CVE-2015-4491

CVE-2015-4492 CVE-2015-4495

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Software Development Kit 11-SP3

SUSE Linux Enterprise Server for VMWare 11-SP3

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Server 11-SP3

SUSE Linux Enterprise Desktop 11-SP4

SUSE Linux Enterprise Desktop 11-SP3

SUSE Linux Enterprise Debuginfo 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP3

https://www.suse.com/security/cve/CVE-2015-4473.html

https://www.suse.com/security/cve/CVE-2015-4474.html

https://www.suse.co...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2015:1528-1

Rating: important

Topics Covered

security advisory security issue update important SUSE Linux Mozilla Firefox NSS Library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2015:1528-1 Important: MozillaFirefox NSS Issues Fixed

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2015:1528-1 Important: MozillaFirefox NSS Issues Fixed

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!