This update to Mozilla Firefox 46.0 fixes several security issues and bugs (boo#977333).
The following vulnerabilities were fixed :
CVE-2016-2804: Miscellaneous memory safety hazards - MFSA 2016-39 (boo#977373)
CVE-2016-2806: Miscellaneous memory safety hazards - MFSA 2016-39 (boo#977375)
CVE-2016-2807: Miscellaneous memory safety hazards - MFSA 2016-39 (boo#977376)
CVE-2016-2808: Write to invalid HashMap entry through JavaScript.watch() - MFSA 2016-47 (boo#977386)
CVE-2016-2811: Use-after-free in Service Worker - MFSA 2016-42 (boo#977379)
CVE-2016-2812: Buffer overflow in Service Worker - MFSA 2016-42 (boo#977379)
CVE-2016-2814: Buffer overflow in libstagefright with CENC offsets - MFSA 2016-44 (boo#977381)
CVE-2016-2816: CSP not applied to pages sent with multipart/x-mixed-replace - MFSA 2016-45 (boo#977382)
CVE-2016-2817: Elevation of privilege with chrome.tabs.update API in web extensions - MFSA 2016-46 (boo#977384)
CVE-2016-2820: Firefox Health Reports could accept events from untrusted domains - MFSA 2016-48 (boo#977388)
The following miscellaneous changes are included :
Improved security of the JavaScript Just In Time (JIT) Compiler
WebRTC fixes to improve performance and stability
Added support for document.elementsFromPoint
Added HKDF support for Web Crypto API
The following changes from Mozilla Firefox 45.0.2 are included :
Fix an issue impacting the cookie header when third-party cookies are blocked
Fix a web compatibility regression impacting the srcset attribute of the image tag
Fix a crash impacting the video playback with Media Source Extension
Fix a regression impacting some specific uploads
Fix a regression with the copy and paste with some old versions of some Gecko applications like Thunderbird
The following changes from Mozilla Firefox 45.0.2 are included :
Fix a regression causing search engine settings to be lost in some context
Bring back non-standard jar: URIs to fix a regression in IBM iNotes
XSLTProcessor.importStylesheet was failing when import was used
Fix an issue which could cause the list of search provider to be empty
Fix a regression when using the location bar (bmo#1254503)
Fix some loading issues when Accept third-party cookies:
was set to Never
Disabled Graphite font shaping library
The minimum requirements increased to NSPR 4.12 and NSS 3.22.3.
Mozilla NSS was updated to 3.22.3 as a dependency for Mozilla Firefox 46.0, with the following changes :
Increase compatibility of TLS extended master secret, don’t send an empty TLS extension last in the handshake (bmo#1243641)
RSA-PSS signatures are now supported
Pseudorandom functions based on hashes other than SHA-1 are now supported
Enforce an External Policy on NSS from a config file
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2016-541.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(90932);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2016-2804", "CVE-2016-2806", "CVE-2016-2807", "CVE-2016-2808", "CVE-2016-2811", "CVE-2016-2812", "CVE-2016-2814", "CVE-2016-2816", "CVE-2016-2817", "CVE-2016-2820");
script_name(english:"openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-541)");
script_summary(english:"Check for the openSUSE-2016-541 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"This update to Mozilla Firefox 46.0 fixes several security issues and
bugs (boo#977333).
The following vulnerabilities were fixed :
- CVE-2016-2804: Miscellaneous memory safety hazards -
MFSA 2016-39 (boo#977373)
- CVE-2016-2806: Miscellaneous memory safety hazards -
MFSA 2016-39 (boo#977375)
- CVE-2016-2807: Miscellaneous memory safety hazards -
MFSA 2016-39 (boo#977376)
- CVE-2016-2808: Write to invalid HashMap entry through
JavaScript.watch() - MFSA 2016-47 (boo#977386)
- CVE-2016-2811: Use-after-free in Service Worker - MFSA
2016-42 (boo#977379)
- CVE-2016-2812: Buffer overflow in Service Worker - MFSA
2016-42 (boo#977379)
- CVE-2016-2814: Buffer overflow in libstagefright with
CENC offsets - MFSA 2016-44 (boo#977381)
- CVE-2016-2816: CSP not applied to pages sent with
multipart/x-mixed-replace - MFSA 2016-45 (boo#977382)
- CVE-2016-2817: Elevation of privilege with
chrome.tabs.update API in web extensions - MFSA 2016-46
(boo#977384)
- CVE-2016-2820: Firefox Health Reports could accept
events from untrusted domains - MFSA 2016-48
(boo#977388)
The following miscellaneous changes are included :
- Improved security of the JavaScript Just In Time (JIT)
Compiler
- WebRTC fixes to improve performance and stability
- Added support for document.elementsFromPoint
- Added HKDF support for Web Crypto API
The following changes from Mozilla Firefox 45.0.2 are included :
- Fix an issue impacting the cookie header when
third-party cookies are blocked
- Fix a web compatibility regression impacting the srcset
attribute of the image tag
- Fix a crash impacting the video playback with Media
Source Extension
- Fix a regression impacting some specific uploads
- Fix a regression with the copy and paste with some old
versions of some Gecko applications like Thunderbird
The following changes from Mozilla Firefox 45.0.2 are included :
- Fix a regression causing search engine settings to be
lost in some context
- Bring back non-standard jar: URIs to fix a regression in
IBM iNotes
- XSLTProcessor.importStylesheet was failing when import
was used
- Fix an issue which could cause the list of search
provider to be empty
- Fix a regression when using the location bar
(bmo#1254503)
- Fix some loading issues when Accept third-party cookies:
was set to Never
- Disabled Graphite font shaping library
The minimum requirements increased to NSPR 4.12 and NSS 3.22.3.
Mozilla NSS was updated to 3.22.3 as a dependency for Mozilla Firefox
46.0, with the following changes :
- Increase compatibility of TLS extended master secret,
don't send an empty TLS extension last in the handshake
(bmo#1243641)
- RSA-PSS signatures are now supported
- Pseudorandom functions based on hashes other than SHA-1
are now supported
- Enforce an External Policy on NSS from a config file"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977333"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977373"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977375"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977376"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977379"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977381"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977382"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977384"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977386"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977388"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected MozillaFirefox / mozilla-nss packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
script_set_attribute(attribute:"patch_publication_date", value:"2016/05/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/06");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.2|SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2 / 42.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-46.0-68.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-branding-upstream-46.0-68.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-buildsymbols-46.0-68.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-debuginfo-46.0-68.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-debugsource-46.0-68.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-devel-46.0-68.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-translations-common-46.0-68.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-translations-other-46.0-68.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"libfreebl3-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"libfreebl3-debuginfo-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"libsoftokn3-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"libsoftokn3-debuginfo-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-certs-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-certs-debuginfo-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-debuginfo-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-debugsource-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-devel-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-sysinit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-sysinit-debuginfo-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-tools-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-tools-debuginfo-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libfreebl3-32bit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libsoftokn3-32bit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-32bit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.22.3-31.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-46.0-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-branding-upstream-46.0-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-buildsymbols-46.0-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-debuginfo-46.0-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-debugsource-46.0-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-devel-46.0-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-translations-common-46.0-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-translations-other-46.0-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libfreebl3-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libfreebl3-debuginfo-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libsoftokn3-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"libsoftokn3-debuginfo-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-certs-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-certs-debuginfo-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-debuginfo-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-debugsource-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-devel-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-sysinit-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-sysinit-debuginfo-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-tools-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-tools-debuginfo-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libfreebl3-32bit-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsoftokn3-32bit-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-32bit-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.22.3-15.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.22.3-15.2") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / MozillaFirefox-branding-upstream / etc");
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | opensuse | mozillafirefox | p-cpe:/a:novell:opensuse:mozillafirefox |
novell | opensuse | mozillafirefox-branding-upstream | p-cpe:/a:novell:opensuse:mozillafirefox-branding-upstream |
novell | opensuse | mozillafirefox-buildsymbols | p-cpe:/a:novell:opensuse:mozillafirefox-buildsymbols |
novell | opensuse | mozillafirefox-debuginfo | p-cpe:/a:novell:opensuse:mozillafirefox-debuginfo |
novell | opensuse | mozillafirefox-debugsource | p-cpe:/a:novell:opensuse:mozillafirefox-debugsource |
novell | opensuse | mozillafirefox-devel | p-cpe:/a:novell:opensuse:mozillafirefox-devel |
novell | opensuse | mozillafirefox-translations-common | p-cpe:/a:novell:opensuse:mozillafirefox-translations-common |
novell | opensuse | mozillafirefox-translations-other | p-cpe:/a:novell:opensuse:mozillafirefox-translations-other |
novell | opensuse | libfreebl3 | p-cpe:/a:novell:opensuse:libfreebl3 |
novell | opensuse | libfreebl3-32bit | p-cpe:/a:novell:opensuse:libfreebl3-32bit |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2804
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2812
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820
bugzilla.opensuse.org/show_bug.cgi?id=977333
bugzilla.opensuse.org/show_bug.cgi?id=977373
bugzilla.opensuse.org/show_bug.cgi?id=977375
bugzilla.opensuse.org/show_bug.cgi?id=977376
bugzilla.opensuse.org/show_bug.cgi?id=977379
bugzilla.opensuse.org/show_bug.cgi?id=977381
bugzilla.opensuse.org/show_bug.cgi?id=977382
bugzilla.opensuse.org/show_bug.cgi?id=977384
bugzilla.opensuse.org/show_bug.cgi?id=977386
bugzilla.opensuse.org/show_bug.cgi?id=977388