
SUSE 2016:0909-1 Critical: Firefox, NSPR, NSS Buffer Overflow

March 30, 2016
SUSE Security Patch resolves 29 vulnerabilities in MozillaFirefox, mozilla-nspr, and mozilla-nss to enhance system protection.
An update that fixes 29 vulnerabilities is now available

Summary

This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues:

Mozilla Firefox was updated to 38.7.0 ESR (bsc#969894), fixing the following security issues:

* MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
* MFSA 2016-17/CVE-2016-1954 Local file overwriting and potential privilege escalation through CSP reports
* MFSA 2016-20/CVE-2016-1957 Memory leak in libstagefright when deleting an array during MP4 processing
* MFSA 2016-21/CVE-2016-1958 Displayed page address can be overridden
* MFSA 2016-23/CVE-2016-1960 Use-after-free in HTML5 string parser
* MFSA 2016-24/CVE-2016-1961 Use-after-free in SetBody
* MFSA 2016-25/CVE-2016-1962 Use-after-free when using multiple WebRTC data channels

References

#969894

Cross-References: CVE-2016-1950 CVE-2016-1952 CVE-2016-1953

CVE-2016-1954 CVE-2016-1957 CVE-2016-1958

CVE-2016-1960 CVE-2016-1961 CVE-2016-1962

CVE-2016-1964 CVE-2016-1965 CVE-2016-1966

CVE-2016-1974 CVE-2016-1977 CVE-2016-1978

CVE-2016-1979 CVE-2016-2790 CVE-2016-2791

CVE-2016-2792 CVE-2016-2793 CVE-2016-2794

CVE-2016-2795 CVE-2016-2796 CVE-2016-2797

CVE-2016-2798 CVE-2016-2799 CVE-2016-2800

CVE-2016-2801 CVE-2016-2802

Affected Products:

SUSE Linux Enterprise Server 11-SP2-LTSS

SUSE Linux Enterprise Debuginfo 11-SP2

https://www.suse.com/security/cve/CVE-2016-1950.html

https://www.suse.com/security/cve/CVE-2016-1952.html

https://www.suse.com/security/cve/CVE-2016-1953.html

https://www.suse.com/security/cve/CVE-2016-1954.html

Severity
critical

Announcement ID: SUSE-SU-2016:0909-1
Rating: important
