SUSE: 2016:3014-1 Important: MozillaFirefox and mozilla-nss Issues

suse

December 5, 2016

An update that solves 8 vulnerabilities and has two fixes An update that solves 8 vulnerabilities and has two fixes An update that solves 8 vulnerabilities and has two fixes is now...

Summary

This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5 (bsc#1009026): - CVE-2016-5297: Incorrect argument length checking in Javascript (bsc#1010401) - CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bsc#1010404) - CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bsc#1010395) - CVE-2016-9064: Addons update must verify IDs match between current and new versions (bsc#1010402) - CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5 (bsc#1010427) - CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bsc#1010410) The following vulnerabilities were fixed in mozilla-nss 3.21.3:

Topics Covered

security advisory buffer overflow SUSE important fix memory safety MozillaFirefox mozilla-nss

References

#1009026 #1010395 #1010401 #1010402 #1010404

#1010410 #1010422 #1010427 #1010517 #992549

Cross- CVE-2016-5285 CVE-2016-5290 CVE-2016-5291

CVE-2016-5296 CVE-2016-5297 CVE-2016-9064

CVE-2016-9066 CVE-2016-9074

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP2

SUSE Linux Enterprise Software Development Kit 12-SP1

SUSE Linux Enterprise Server for SAP 12

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2

SUSE Linux Enterprise Server 12-SP2

SUSE Linux Enterprise Server 12-SP1

SUSE Linux Enterprise Server 12-LTSS

SUSE Linux Enterprise Desktop 12-SP2

SUSE Linux Enterprise Desktop 12-SP1

https://www.suse.com/security/cve/CVE-2016-5285.html

https://www.suse.com/security/cve/CVE-2016-5290.html

https://www.sus...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2016:3014-1

Rating: important

Topics Covered

security advisory buffer overflow SUSE important fix memory safety MozillaFirefox mozilla-nss

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2016:3014-1 Important: MozillaFirefox and mozilla-nss Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2016:3014-1 Important: MozillaFirefox and mozilla-nss Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!