Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2015:2345-2 Critical: MozillaThunderbird Several Vulnerabilities

suse
Calendar Grey December 21, 2015
Dist Suse Esm H88
Critical Security Patch from SUSE addresses various vulnerabilities in MozillaFirefox, enhancing overall system defense.
An update that fixes 8 vulnerabilities is now available

Summary

MozillaFirefox was updated to version 38.5.0 esr to fix the following issues: Following security issues were fixed: * MFSA 2015-134/CVE-2015-7201/CVE-2015-7202 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5) * MFSA 2015-138/CVE-2015-7210 Use-after-free in WebRTC when datachannel is used after being destroyed * MFSA 2015-139/CVE-2015-7212 Integer overflow allocating extremely large textures * MFSA 2015-145/CVE-2015-7205 Underflow through code inspection * MFSA 2015-146/CVE-2015-7213 Integer overflow in MP4 playback in 64-bit versions * MFSA 2015-147/CVE-2015-7222 Integer underflow and buffer overflow processing MP4 metadata in libstagefright * MFSA 2015-149/CVE-2015-7214 Cross-site reading attack through data and view-source URIs Patch Instructions:

Topics%20covered

Topics Covered

security advisory software update important memory safety SUSE Linux Enterprise MozillaFirefox code inspection

References

#959277

Cross- CVE-2015-7201 CVE-2015-7202 CVE-2015-7205

CVE-2015-7210 CVE-2015-7212 CVE-2015-7213

CVE-2015-7214 CVE-2015-7222

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Software Development Kit 11-SP3

SUSE Linux Enterprise Server for VMWare 11-SP3

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Server 11-SP3

SUSE Linux Enterprise Desktop 11-SP4

SUSE Linux Enterprise Desktop 11-SP3

SUSE Linux Enterprise Debuginfo 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP3

https://www.suse.com/security/cve/CVE-2015-7201.html

https://www.suse.com/security/cve/CVE-2015-7202.html

https://www.suse.com/security/cve/CVE-2015-7205.html

https://www.suse.com/security/cve/CVE-2015-7210.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2015:2334-1
Rating: important

Topics%20covered

Topics Covered

security advisory software update important memory safety SUSE Linux Enterprise MozillaFirefox code inspection

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here