Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE 11 SP4: SUSE-SU-2016:0334-1 Important: MozillaFirefox Fixes

suse
Calendar Grey February 4, 2016
Dist Suse Esm H88
Urgent notice for MozillaFirefox featuring enhancements to remedy various vulnerabilities, guaranteeing system security through advised updates.
An update that solves three vulnerabilities and has two An update that solves three vulnerabilities and has two An update that solves three vulnerabilities and has two fixes is now...

Summary

This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: (bsc#963520) Mozilla Firefox was updated to 38.6.0 ESR. Mozilla NSS was updated to 3.20.2. The following vulnerabilities were fixed: - CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632) - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635) - CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731) The following improvements were added: - bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites - Tracking protection is now enabled by default Patch Instructions: To install this SUSE Security Update use YaST online_update.

Topics%20covered

Topics Covered

security advisory buffer overflow important SUSE Linux memory safety MozillaFirefox

References

#954447 #963520 #963632 #963635 #963731

Cross- CVE-2016-1930 CVE-2016-1935 CVE-2016-1938

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Software Development Kit 11-SP3

SUSE Linux Enterprise Server for VMWare 11-SP3

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Server 11-SP3

SUSE Linux Enterprise Desktop 11-SP4

SUSE Linux Enterprise Desktop 11-SP3

SUSE Linux Enterprise Debuginfo 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP3

https://www.suse.com/security/cve/CVE-2016-1930.html

https://www.suse.com/security/cve/CVE-2016-1935.html

https://www.suse.com/security/cve/CVE-2016-1938.html

https://bugzilla.suse.com/show_bug.cgi?id=954447

https://bugzilla.suse.com/show_bug.cgi?id=963520

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2016:0334-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow important SUSE Linux memory safety MozillaFirefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here