Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2016:0338-1 Important: Firefox Memory Issue Advisory

suse
Calendar Grey February 4, 2016
Dist Suse Esm H88
Tackling urgent Mozilla Firefox vulnerabilities in SUSE: 2016:0338-1 notification including solutions.
An update that solves three vulnerabilities and has three An update that solves three vulnerabilities and has three An update that solves three vulnerabilities and has three fixes ...

Summary

This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: (bsc#963520) Mozilla Firefox was updated to 38.6.0 ESR. Mozilla NSS was updated to 3.20.2. The following vulnerabilities were fixed: - CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632) - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635) - CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731) The following improvements were added: - bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites - Tracking protection is now enabled by default - bsc#964332: Fixed leaking file descriptors inside FIPS selfcheck code Patch Instructions:

Topics%20covered

Topics Covered

security advisory network security security issue buffer overflow SUSE memory safety Mozilla Firefox

References

#954447 #963520 #963632 #963635 #963731 #964332

Cross- CVE-2016-1930 CVE-2016-1935 CVE-2016-1938

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP1

SUSE Linux Enterprise Software Development Kit 12

SUSE Linux Enterprise Server 12-SP1

SUSE Linux Enterprise Server 12

SUSE Linux Enterprise Desktop 12-SP1

SUSE Linux Enterprise Desktop 12

https://www.suse.com/security/cve/CVE-2016-1930.html

https://www.suse.com/security/cve/CVE-2016-1935.html

https://www.suse.com/security/cve/CVE-2016-1938.html

https://bugzilla.suse.com/show_bug.cgi?id=954447

https://bugzilla.suse.com/show_bug.cgi?id=963520

https://bugzilla.suse.com/show_bug.cgi?id=963632

https://bugzilla.suse.com/show_bug.cgi?id=963635

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2016:0338-1
Rating: important

Topics%20covered

Topics Covered

security advisory network security security issue buffer overflow SUSE memory safety Mozilla Firefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here