Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
217
security advisorysecurity updatecritical advisoryOracle Linux 8 ELSA-2023-3220 Critical: Firefox Security Update
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-3220 https://linux.oracle.com/errata/ELSA-2023-3220.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-102.11.0-2.0.1.el8_7.x86_64.rpm aarch64: firefox-102.11.0-2.0.1.el8_7.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//firefox-102.11.0-2.0.1.el8_7.src.rpm Related CVEs: CVE-2023-32205 CVE-2023-32206 CVE-2023-32207 CVE-2023-32211 CVE-2023-32212 CVE-2023-32213 CVE-2023-32215 Description of changes: [102.11.0-2.0.1] - Updated homepages to use https [Orabug: 34648274] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [102.11.0-2] - Update to 102.11.0 build2 [102.11.0-1] - Update to 102.11.0 build1 _______________________________________________ El-errata mailing list
Jun 12, 2023
•Critical
Oracle
202
security advisorymedia player fiximportant updateopenSUSE 15 SP4: 2022:10255-1 Important: VLC Media Player Update
An update that solves one vulnerability and has one errata is now available. . openSUSE Security Update: Security update for vlc ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:10255-1 Rating: important References: #1200944 #1206142 Cross-References: CVE-2022-41325 CVSS scores: CVE-2022-41325 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP4 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for vlc fixes the following issues: - Update to version 3.0.18 (CVE-2022-41325, boo#1206142): + macOS: Fix audio device listing with non-latin names. + Misc: Fix rendering and performance issue with older GPUs. + Updated translations. - Changes from version 3.0.18-rc2: + Codec/Demux: - Add support for Y16 chroma. - Fix build of gme plugin. + Lua: - Fix script for vocaroo. - Fix script for youtube to allow throttled playback. + Service Discovery: Fix UPnP regression on Windows. + Video Output: Fix video placement with caopengllayer. + Misc: Fix password search in kwallet module. - Changes from version 3.0.18-rc: + Demux: - Major adaptive streaming update, notably for multiple timelies and webvtt. - Fix seeking with some fragmented MP4 files. - Add support for DVBSub inside MKV. - Fix some Flac files that could not be played. - Improve seeking in Ogg files. + Decoders: - Fix DxVA/D3D11 crashes on HEVC files with bogus references. - Fix libass storage size and crash. - Fix decoding errors on macOS hw decoding on some HEVC files. + Video Output: - Fix color regression with VAAPI/iOS and OpenGL output. - Fix some resizing issues with OpenGL on GLX/EGL/X11/XV. -Fix Direct3d9 texture stretching. - Fix 10-bit accelerated video filters on macOS. + Playlist: Avoid playlist liveloop on failed/tiny items (temporize EOS bursts). + Misc: - Misc fixes for the extension UI on macOS. - Improve SMBv1 and SMBv2 behaviours. - Improve FTP compatibility. - Support RISC-V. - Fix AVI muxing for Windows Media Player compatibility. - Fix seeking speed on macOS. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP4: zypper in -t patch openSUSE-2022-10255=1 Package List: - openSUSE Backports SLE-15-SP4 (aarch64 ppc64le x86_64): libvlc5-3.0.18-bp154.2.3.1 libvlccore9-3.0.18-bp154.2.3.1 vlc-3.0.18-bp154.2.3.1 vlc-codec-gstreamer-3.0.18-bp154.2.3.1 vlc-devel-3.0.18-bp154.2.3.1 vlc-jack-3.0.18-bp154.2.3.1 vlc-noX-3.0.18-bp154.2.3.1 vlc-opencv-3.0.18-bp154.2.3.1 vlc-qt-3.0.18-bp154.2.3.1 vlc-vdpau-3.0.18-bp154.2.3.1 - openSUSE Backports SLE-15-SP4 (noarch): vlc-lang-3.0.18-bp154.2.3.1 References: https://www.suse.com/security/cve/CVE-2022-41325.html https://bugzilla.suse.com/1200944 https://bugzilla.suse.com/1206142 . The latest openSUSE update addresses vulnerabilities in the VLC media player, providing improved efficiency and better integration.. openSUSE Security Update, VLC Patch, Multimedia Player Fix. . Severity: Important. LinuxSecurity.com Team
Dec 31, 2022
•Important
OpenSUSE
202
security advisoryimportant updateXSS attackopenSUSE 12.2/12.3: 2013:1348-1 Important: Mozilla Software Update
An update that fixes 11 vulnerabilities is now available. An update that fixes 11 vulnerabilities is now available. An update that fixes 11 vulnerabilities is now available.. openSUSE Security Update: update for MozillaFirefox, MozillaThunderbird, mozilla-nspr, mozilla-nss, seamonkey, xulrunner ______________________________________________________________________________ Announcement ID: openSUSE-SU-2013:1348-1 Rating: important References: #833389 Cross-References: CVE-2013-1701 CVE-2013-1702 CVE-2013-1704 CVE-2013-1705 CVE-2013-1708 CVE-2013-1709 CVE-2013-1710 CVE-2013-1711 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717 Affected Products: openSUSE 12.3 openSUSE 12.2 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: Changes in seamonkey: - update to SeaMonkey 2.20 (bnc#833389) * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - requires NSPR 4.10 and NSS3.15 - removed obsolete seamonkey-shared-nss-db.patch Changes in seamonkey: - update to SeaMonkey 2.20 (bnc#833389) * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - requires NSPR 4.10 and NSS 3.15 - removed obsolete seamonkey-shared-nss-db.patch Changes in xulrunner: - update to 17.0.8esr (bnc#833389) * MFSA 2013-63/CVE-2013-1701 Miscellaneous memory safety hazards * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system Changes in xulrunner: - update to 17.0.8esr (bnc#833389) * MFSA 2013-63/CVE-2013-1701 Miscellaneous memory safety hazards * MFSA 2013-68/CVE-2013-1709(bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system Changes in MozillaThunderbird: - update to Thunderbird 17.0.8 (bnc#833389) * MFSA 2013-63/CVE-2013-1701 Miscellaneous memory safety hazards * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - update Enigmail to 1.5.2 * bugfix release Changes in MozillaThunderbird: - update to Thunderbird 17.0.8 (bnc#833389) * MFSA 2013-63/CVE-2013-1701 Miscellaneous memory safety hazards * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - update Enigmail to 1.5.2 * bugfix release Changes in mozilla-nss: - fix 32bitrequirement, it's without () actually - update to 3.15.1 * TLS 1.2 (RFC 5246) is supported. HMAC-SHA256 cipher suites (RFC 5246 and RFC 5289) are supported, allowing TLS to be used without MD5 and SHA-1. Note the following limitations: The hash function used in the signature for TLS 1.2 client authentication must be the hash function of the TLS 1.2 PRF, which is always SHA-256 in NSS 3.15.1. AES GCM cipher suites are not yet supported. * some bugfixes and improvements - require libnssckbi instead of mozilla-nss-certs so p11-kit can conflict with the latter (fate#314991) - update to 3.15 * Packaging + removed obsolete patches * nss-disable-expired-testcerts.patch * bug-834091.patch * New Functionality + Support for OCSP Stapling (RFC 6066, Certificate Status Request) has been added for both client and server sockets. TLS client applications may enable this via a call to SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE); + Added function SECITEM_ReallocItemV2. It replaces function SECITEM_ReallocItem, which is now declared as obsolete. + Support for single-operation (eg: not multi-part) symmetric key encryption and decryption, via PK11_Encrypt and PK11_Decrypt. + certutil has been updated to support creating name constraints extensions. * New Functions in ssl.h SSL_PeerStapledOCSPResponse - Returns the server's stapled OCSP response, when used with a TLS client socket that negotiated the status_request extension. SSL_SetStapledOCSPResponses - Set's a stapled OCSP response for a TLS server socket to return when clients send the status_request extension. in ocsp.h CERT_PostOCSPRequest - Primarily intended for testing, permits the sending and receiving of raw OCSP request/responses. in secpkcs7.h SEC_PKCS7VerifyDetachedSignatureAtTime - Verifies a PKCS#7 signature at a specific time other than the present time. in xconst.h CERT_EncodeNameConstraintsExtension - Matching function for CERT_DecodeNameConstraintsExtension, added in NSS 3.10. in secitem.h SECITEM_AllocArray SECITEM_DupArray SECITEM_FreeArray SECITEM_ZfreeArray - Utility functions to handle the allocation and deallocation of SECItemArrays SECITEM_ReallocItemV2 - Replaces SECITEM_ReallocItem, which is now obsolete. SECITEM_ReallocItemV2 better matches caller expectations, in that it updates item-> len on allocation. For more details of the issues with SECITEM_ReallocItem, see Bug 298649 and Bug 298938. in pk11pub.h PK11_Decrypt - Performs decryption as a single PKCS#11 operation (eg: not multi-part). This is necessary for AES-GCM. PK11_Encrypt - Performs encryption as a single PKCS#11 operation (eg: not multi-part). This is necessary for AES-GCM. * New Types in secitem.h SECItemArray - Represents a variable-length array of SECItems. * New Macros in ssl.h SSL_ENABLE_OCSP_STAPLING - Used with SSL_OptionSet to configure TLS client sockets to request the certificate_status extension (eg: OCSP stapling) when set to PR_TRUE * Notable changes + SECITEM_ReallocItem is now deprecated. Please consider using SECITEM_ReallocItemV2 in all future code. + The list of root CA certificates in the nssckbi module has been updated. + The default implementation of SSL_AuthCertificate has been updated to add certificate status responses stapled by the TLS server to the OCSP cache. * a lot of bugfixes - Add Source URL, see https://en.opensuse.org/SourceUrls Changes in mozilla-nss: - fix 32bit requirement, it's without () actually - update to 3.15.1 * TLS 1.2 (RFC 5246) is supported. HMAC-SHA256 cipher suites (RFC 5246 and RFC 5289) are supported, allowing TLS to be used without MD5 and SHA-1. Note the following limitations: The hash function used in the signature for TLS 1.2 client authentication must be the hash function of the TLS 1.2 PRF, which is always SHA-256 in NSS 3.15.1. AES GCM cipher suites are not yet supported. * some bugfixes and improvements - require libnssckbi instead of mozilla-nss-certs so p11-kit can conflict with the latter (fate#314991) - update to 3.15 * Packaging + removed obsolete patches * nss-disable-expired-testcerts.patch * bug-834091.patch * New Functionality + Support for OCSP Stapling (RFC 6066, Certificate Status Request) has been added for both client and server sockets. TLS client applications may enable this via a call to SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE); + Added function SECITEM_ReallocItemV2. It replaces function SECITEM_ReallocItem, which is now declared as obsolete. + Support for single-operation (eg: not multi-part) symmetric key encryption and decryption, via PK11_Encrypt and PK11_Decrypt. + certutil has been updated to support creating name constraints extensions. * New Functions in ssl.h SSL_PeerStapledOCSPResponse - Returns the server's stapled OCSP response, when used with a TLS client socket that negotiated the status_request extension. SSL_SetStapledOCSPResponses - Set's a stapled OCSP response for a TLS server socket to return when clients send the status_request extension. in ocsp.h CERT_PostOCSPRequest - Primarily intended for testing, permits the sending and receiving of raw OCSP request/responses. in secpkcs7.h SEC_PKCS7VerifyDetachedSignatureAtTime - Verifies a PKCS#7 signature at a specific time other than the present time. in xconst.h CERT_EncodeNameConstraintsExtension - Matching function for CERT_DecodeNameConstraintsExtension, added in NSS 3.10. in secitem.h SECITEM_AllocArray SECITEM_DupArray SECITEM_FreeArray SECITEM_ZfreeArray - Utility functions to handle the allocation and deallocation of SECItemArrays SECITEM_ReallocItemV2 - Replaces SECITEM_ReallocItem, which is now obsolete. SECITEM_ReallocItemV2 better matches caller expectations, in that it updates item-> len on allocation. For more details of the issues with SECITEM_ReallocItem, see Bug 298649 and Bug 298938. in pk11pub.h PK11_Decrypt - Performs decryption as a single PKCS#11 operation (eg: not multi-part). This is necessary for AES-GCM. PK11_Encrypt - Performs encryption as a single PKCS#11 operation (eg: not multi-part). This is necessary for AES-GCM. * New Types in secitem.h SECItemArray - Represents a variable-length array of SECItems. * New Macros in ssl.h SSL_ENABLE_OCSP_STAPLING - Used with SSL_OptionSet to configure TLS client sockets to request the certificate_status extension (eg: OCSP stapling) when set to PR_TRUE * Notable changes + SECITEM_ReallocItem is now deprecated. Please consider using SECITEM_ReallocItemV2 in all future code. + The list of root CA certificates in the nssckbi module has been updated. + The default implementation of SSL_AuthCertificate has been updated to add certificate status responses stapled by the TLS server to the OCSP cache. * a lot of bugfixes - Add Source URL, see https://en.opensuse.org/SourceUrls Changes in mozilla-nspr: - update to version 4.10 * bmo#844513: Add AddressSanitizer (ASan) memory check annotations to PLArena. * bmo#849089: Simple changes to make NSPR's configure.in work with the current version of autoconf. * bmo#856196: Fix compiler warnings and clean up code in NSPR 4.10. * bmo#859066: Fix warning in nsprpub/pr/src/misc/prnetdb.c. * bmo#859830: Deprecate ANDROID_VERSION in favor of android/api-level.h. * bmo#861434: Make PR_SetThreadPriority() change priorities relatively to the main process instead of using absolute values on Linux. * bmo#871064L: _PR_InitThreads() should not call PR_SetThreadPriority. Changes in mozilla-nspr: - update to version 4.10 * bmo#844513: Add AddressSanitizer (ASan) memory check annotations to PLArena. * bmo#849089: Simple changes to make NSPR's configure.in work with the current version of autoconf. * bmo#856196: Fix compiler warnings andclean up code in NSPR 4.10. * bmo#859066: Fix warning in nsprpub/pr/src/misc/prnetdb.c. * bmo#859830: Deprecate ANDROID_VERSION in favor of android/api-level.h. * bmo#861434: Make PR_SetThreadPriority() change priorities relatively to the main process instead of using absolute values on Linux. * bmo#871064L: _PR_InitThreads() should not call PR_SetThreadPriority. Changes in MozillaFirefox: - update to Firefox 23.0 (bnc#833389) * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - requires NSPR 4.10 and NSS 3.15 - fix build on ARM (/-g/ matches /-grecord-switches/) Changes in MozillaFirefox: - update to Firefox 23.0 (bnc#833389) * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - requires NSPR 4.10 and NSS 3.15 - fix build on ARM (/-g/ matches /-grecord-switches/) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 12.3: zypper in -t patch openSUSE-2013-652 - openSUSE 12.2: zypper in -t patch openSUSE-2013-652 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 12.3 (i586 x86_64): MozillaFirefox-23.0-1.29.1 MozillaFirefox-branding-upstream-23.0-1.29.1 MozillaFirefox-buildsymbols-23.0-1.29.1 MozillaFirefox-debuginfo-23.0-1.29.1 MozillaFirefox-debugsource-23.0-1.29.1 MozillaFirefox-devel-23.0-1.29.1 MozillaFirefox-translations-common-23.0-1.29.1 MozillaFirefox-translations-other-23.0-1.29.1 MozillaThunderbird-17.0.8-61.21.2 MozillaThunderbird-buildsymbols-17.0.8-61.21.2 MozillaThunderbird-debuginfo-17.0.8-61.21.2 MozillaThunderbird-debugsource-17.0.8-61.21.2 MozillaThunderbird-devel-17.0.8-61.21.2 MozillaThunderbird-devel-debuginfo-17.0.8-61.21.2 MozillaThunderbird-translations-common-17.0.8-61.21.2 MozillaThunderbird-translations-other-17.0.8-61.21.2 enigmail-1.5.2+17.0.8-61.21.2 enigmail-debuginfo-1.5.2+17.0.8-61.21.2 libfreebl3-3.15.1-1.12.1 libfreebl3-debuginfo-3.15.1-1.12.1 libsoftokn3-3.15.1-1.12.1 libsoftokn3-debuginfo-3.15.1-1.12.1 mozilla-js-17.0.8-1.24.1 mozilla-js-debuginfo-17.0.8-1.24.1 mozilla-nspr-4.10-1.14.1 mozilla-nspr-debuginfo-4.10-1.14.1 mozilla-nspr-debugsource-4.10-1.14.1 mozilla-nspr-devel-4.10-1.14.1 mozilla-nss-3.15.1-1.12.1 mozilla-nss-certs-3.15.1-1.12.1 mozilla-nss-certs-debuginfo-3.15.1-1.12.1 mozilla-nss-debuginfo-3.15.1-1.12.1 mozilla-nss-debugsource-3.15.1-1.12.1 mozilla-nss-devel-3.15.1-1.12.1 mozilla-nss-sysinit-3.15.1-1.12.1 mozilla-nss-sysinit-debuginfo-3.15.1-1.12.1 mozilla-nss-tools-3.15.1-1.12.1 mozilla-nss-tools-debuginfo-3.15.1-1.12.1 seamonkey-2.20-1.16.1 seamonkey-debuginfo-2.20-1.16.1 seamonkey-debugsource-2.20-1.16.1 seamonkey-dom-inspector-2.20-1.16.1 seamonkey-irc-2.20-1.16.1 seamonkey-translations-common-2.20-1.16.1 seamonkey-translations-other-2.20-1.16.1 seamonkey-venkman-2.20-1.16.1 xulrunner-17.0.8-1.24.1 xulrunner-buildsymbols-17.0.8-1.24.1 xulrunner-debuginfo-17.0.8-1.24.1 xulrunner-debugsource-17.0.8-1.24.1 xulrunner-devel-17.0.8-1.24.1 xulrunner-devel-debuginfo-17.0.8-1.24.1 - openSUSE 12.3 (x86_64): libfreebl3-32bit-3.15.1-1.12.1 libfreebl3-debuginfo-32bit-3.15.1-1.12.1 libsoftokn3-32bit-3.15.1-1.12.1 libsoftokn3-debuginfo-32bit-3.15.1-1.12.1 mozilla-js-32bit-17.0.8-1.24.1 mozilla-js-debuginfo-32bit-17.0.8-1.24.1 mozilla-nspr-32bit-4.10-1.14.1 mozilla-nspr-debuginfo-32bit-4.10-1.14.1 mozilla-nss-32bit-3.15.1-1.12.1 mozilla-nss-certs-32bit-3.15.1-1.12.1 mozilla-nss-certs-debuginfo-32bit-3.15.1-1.12.1 mozilla-nss-debuginfo-32bit-3.15.1-1.12.1 mozilla-nss-sysinit-32bit-3.15.1-1.12.1 mozilla-nss-sysinit-debuginfo-32bit-3.15.1-1.12.1 xulrunner-32bit-17.0.8-1.24.1 xulrunner-debuginfo-32bit-17.0.8-1.24.1 - openSUSE 12.2 (i586 x86_64): MozillaFirefox-23.0-2.55.1 MozillaFirefox-branding-upstream-23.0-2.55.1 MozillaFirefox-buildsymbols-23.0-2.55.1 MozillaFirefox-debuginfo-23.0-2.55.1 MozillaFirefox-debugsource-23.0-2.55.1 MozillaFirefox-devel-23.0-2.55.1 MozillaFirefox-translations-common-23.0-2.55.1 MozillaFirefox-translations-other-23.0-2.55.1 MozillaThunderbird-17.0.8-49.51.2 MozillaThunderbird-buildsymbols-17.0.8-49.51.2 MozillaThunderbird-debuginfo-17.0.8-49.51.2 MozillaThunderbird-debugsource-17.0.8-49.51.2 MozillaThunderbird-devel-17.0.8-49.51.2 MozillaThunderbird-devel-debuginfo-17.0.8-49.51.2 MozillaThunderbird-translations-common-17.0.8-49.51.2 MozillaThunderbird-translations-other-17.0.8-49.51.2 enigmail-1.5.2+17.0.8-49.51.2 enigmail-debuginfo-1.5.2+17.0.8-49.51.2 libfreebl3-3.15.1-2.23.1 libfreebl3-debuginfo-3.15.1-2.23.1 libsoftokn3-3.15.1-2.23.1 libsoftokn3-debuginfo-3.15.1-2.23.1 mozilla-js-17.0.8-2.50.1 mozilla-js-debuginfo-17.0.8-2.50.1 mozilla-nspr-4.10-1.16.1 mozilla-nspr-debuginfo-4.10-1.16.1 mozilla-nspr-debugsource-4.10-1.16.1 mozilla-nspr-devel-4.10-1.16.1 mozilla-nss-3.15.1-2.23.1 mozilla-nss-certs-3.15.1-2.23.1 mozilla-nss-certs-debuginfo-3.15.1-2.23.1 mozilla-nss-debuginfo-3.15.1-2.23.1 mozilla-nss-debugsource-3.15.1-2.23.1 mozilla-nss-devel-3.15.1-2.23.1 mozilla-nss-sysinit-3.15.1-2.23.1 mozilla-nss-sysinit-debuginfo-3.15.1-2.23.1 mozilla-nss-tools-3.15.1-2.23.1 mozilla-nss-tools-debuginfo-3.15.1-2.23.1 seamonkey-2.20-2.46.1 seamonkey-debuginfo-2.20-2.46.1 seamonkey-debugsource-2.20-2.46.1 seamonkey-dom-inspector-2.20-2.46.1 seamonkey-irc-2.20-2.46.1 seamonkey-translations-common-2.20-2.46.1 seamonkey-translations-other-2.20-2.46.1 seamonkey-venkman-2.20-2.46.1 xulrunner-17.0.8-2.50.1 xulrunner-buildsymbols-17.0.8-2.50.1 xulrunner-debuginfo-17.0.8-2.50.1 xulrunner-debugsource-17.0.8-2.50.1 xulrunner-devel-17.0.8-2.50.1 xulrunner-devel-debuginfo-17.0.8-2.50.1 - openSUSE 12.2 (x86_64): libfreebl3-32bit-3.15.1-2.23.1 libfreebl3-debuginfo-32bit-3.15.1-2.23.1 libsoftokn3-32bit-3.15.1-2.23.1 libsoftokn3-debuginfo-32bit-3.15.1-2.23.1 mozilla-js-32bit-17.0.8-2.50.1 mozilla-js-debuginfo-32bit-17.0.8-2.50.1 mozilla-nspr-32bit-4.10-1.16.1 mozilla-nspr-debuginfo-32bit-4.10-1.16.1 mozilla-nss-32bit-3.15.1-2.23.1 mozilla-nss-certs-32bit-3.15.1-2.23.1 mozilla-nss-certs-debuginfo-32bit-3.15.1-2.23.1 mozilla-nss-debuginfo-32bit-3.15.1-2.23.1 mozilla-nss-sysinit-32bit-3.15.1-2.23.1 mozilla-nss-sysinit-debuginfo-32bit-3.15.1-2.23.1 xulrunner-32bit-17.0.8-2.50.1 xulrunner-debuginfo-32bit-17.0.8-2.50.1 References: https://www.suse.com/security/cve/CVE-2013-1701.html https://www.suse.com/security/cve/CVE-2013-1702.html https://www.suse.com/security/cve/CVE-2013-1704.html https://www.suse.com/security/cve/CVE-2013-1705.html https://www.suse.com/security/cve/CVE-2013-1708.html https://www.suse.com/security/cve/CVE-2013-1709.html https://www.suse.com/security/cve/CVE-2013-1710.html https://www.suse.com/security/cve/CVE-2013-1711.html https://www.suse.com/security/cve/CVE-2013-1713.html https://www.suse.com/security/cve/CVE-2013-1714.html https://www.suse.com/security/cve/CVE-2013-1717.html . Critical openSUSE notification: Mozilla addresses 11 security flaws in Firefox and Thunderbird. Urgent measures required.. openSUSE Patch, Mozilla security, NVU vulnerabilities, important updates. . Severity: Important. LinuxSecurity.com Team
Aug 16, 2013
•Important
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!