Lucene search

SuseSUSE-SU-2015:1528-1

HistorySep 10, 2015 - 5:10 p.m.

Security update for MozillaFirefox, mozilla-nss (important)

2015-09-1017:10:07

lists.opensuse.org

0.967 High

EPSS

Percentile

99.5%

JSON

Mozilla Firefox is being updated to the current Firefox 38ESR branch
(specifically the 38.2.0ESR release).

Security issues fixed:

MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file
stealing via PDF reader
MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety
hazards (rv:40.0 / rv:38.2)
MFSA 2015-80 / CVE-2015-4475: Out-of-bounds read with malformed MP3 file
MFSA 2015-82 / CVE-2015-4478: Redefinition of non-configurable
JavaScript object properties
MFSA 2015-83 / CVE-2015-4479: Overflow issues in libstagefright
MFSA 2015-87 / CVE-2015-4484: Crash when using shared memory in
JavaScript
MFSA 2015-88 / CVE-2015-4491: Heap overflow in gdk-pixbuf when scaling
bitmap images
MFSA 2015-89 / CVE-2015-4485/CVE-2015-4486: Buffer overflows on Libvpx
when decoding WebM video
MFSA 2015-90 / CVE-2015-4487/CVE-2015-4488/CVE-2015-4489:
Vulnerabilities found through code inspection
MFSA 2015-92 / CVE-2015-4492: Use-after-free in XMLHttpRequest with
shared workers

This update also contains a lot of feature improvements and bug fixes from
31ESR to 38ESR.

Also the Mozilla NSS library switched its CKBI API from 1.98 to 2.4, which
is what Firefox 38ESR uses.

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Debuginfo11.3ppc64mozilla-nss-debugsource< 3.19.2.0-0.16.1mozilla-nss-debugsource-3.19.2.0-0.16.1.ppc64.rpm
SUSE Linux Enterprise Server11.3s390xlibsoftokn3< 3.19.2.0-0.16.1libsoftokn3-3.19.2.0-0.16.1.s390x.rpm
SUSE Linux Enterprise Server11.3x86_64libsoftokn3-32bit< 3.19.2.0-0.16.1libsoftokn3-32bit-3.19.2.0-0.16.1.x86_64.rpm
SUSE Linux Enterprise Desktop11.4i586mozillafirefox< 38.2.1esr-19.3MozillaFirefox-38.2.1esr-19.3.i586.rpm
SUSE Linux Enterprise Server11.3x86_64mozillafirefox-translations< 38.2.1esr-19.3MozillaFirefox-translations-38.2.1esr-19.3.x86_64.rpm
SUSE Linux Enterprise Server11.4ia64mozillafirefox< 38.2.1esr-19.3MozillaFirefox-38.2.1esr-19.3.ia64.rpm
SUSE Linux Enterprise Debuginfo11.3i586mozilla-nss-debugsource< 3.19.2.0-0.16.1mozilla-nss-debugsource-3.19.2.0-0.16.1.i586.rpm
SUSE Linux Enterprise Desktop11.3x86_64libfreebl3-32bit< 3.19.2.0-0.16.1libfreebl3-32bit-3.19.2.0-0.16.1.x86_64.rpm
SUSE Linux Enterprise Server11.3ppc64mozilla-nss-32bit< 3.19.2.0-0.16.1mozilla-nss-32bit-3.19.2.0-0.16.1.ppc64.rpm
SUSE Linux Enterprise Debuginfo11.3x86_64mozilla-nss-debuginfo< 3.19.2.0-0.16.1mozilla-nss-debuginfo-3.19.2.0-0.16.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
SUSE Linux Enterprise Debuginfo	11.3	ppc64	mozilla-nss-debugsource	< 3.19.2.0-0.16.1	mozilla-nss-debugsource-3.19.2.0-0.16.1.ppc64.rpm
SUSE Linux Enterprise Server	11.3	s390x	libsoftokn3	< 3.19.2.0-0.16.1	libsoftokn3-3.19.2.0-0.16.1.s390x.rpm
SUSE Linux Enterprise Server	11.3	x86_64	libsoftokn3-32bit	< 3.19.2.0-0.16.1	libsoftokn3-32bit-3.19.2.0-0.16.1.x86_64.rpm
SUSE Linux Enterprise Desktop	11.4	i586	mozillafirefox	< 38.2.1esr-19.3	MozillaFirefox-38.2.1esr-19.3.i586.rpm
SUSE Linux Enterprise Server	11.3	x86_64	mozillafirefox-translations	< 38.2.1esr-19.3	MozillaFirefox-translations-38.2.1esr-19.3.x86_64.rpm
SUSE Linux Enterprise Server	11.4	ia64	mozillafirefox	< 38.2.1esr-19.3	MozillaFirefox-38.2.1esr-19.3.ia64.rpm
SUSE Linux Enterprise Debuginfo	11.3	i586	mozilla-nss-debugsource	< 3.19.2.0-0.16.1	mozilla-nss-debugsource-3.19.2.0-0.16.1.i586.rpm
SUSE Linux Enterprise Desktop	11.3	x86_64	libfreebl3-32bit	< 3.19.2.0-0.16.1	libfreebl3-32bit-3.19.2.0-0.16.1.x86_64.rpm
SUSE Linux Enterprise Server	11.3	ppc64	mozilla-nss-32bit	< 3.19.2.0-0.16.1	mozilla-nss-32bit-3.19.2.0-0.16.1.ppc64.rpm
SUSE Linux Enterprise Debuginfo	11.3	x86_64	mozilla-nss-debuginfo	< 3.19.2.0-0.16.1	mozilla-nss-debuginfo-3.19.2.0-0.16.1.x86_64.rpm

Rows per page:

1-10 of 2051

References

bugzilla.suse.com/940806