openSUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: openSUSE-SU-2015:1817-1 Rating: important References: #949983 #950686 Cross-References: CVE-2015-7184 Affected Products: openSUSE 13.2 openSUSE 13.1 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: MozillaFirefox was updated to version 41.0.2 to fix one security issue. This security issue was fixed: - CVE-2015-7184: Cross-origin restriction bypass using Fetch (bsc#950686). These non-security issues were fixed: * Fix a startup crash related to Yandex toolbar and Adblock Plus (bmo#1209124) * Fix potential hangs with Flash plugins (bmo#1185639) * Fix a regression in the bookmark creation (bmo#1206376) * Fix a startup crash with some Intel Media Accelerator 3150 graphic cards (bmo#1207665) * Fix a graphic crash, occurring occasionally on Facebook (bmo#1178601) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2015-678=1 - openSUSE 13.1: zypper in -t patch openSUSE-2015-678=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (ppc64 ppc64le): MozillaFirefox-41.0.2-47.1 MozillaFirefox-branding-upstream-41.0.2-47.1 MozillaFirefox-debuginfo-41.0.2-47.1 MozillaFirefox-debugsource-41.0.2-47.1 MozillaFirefox-devel-41.0.2-47.1 MozillaFirefox-translations-common-41.0.2-47.1 MozillaFirefox-translations-other-41.0.2-47.1 - openSUSE 13.1 (ppc64): MozillaFirefox-41.0.2-91.1 MozillaFirefox-branding-upstream-41.0.2-91.1 MozillaFirefox-debuginfo-41.0.2-91.1 MozillaFirefox-debugsource-41.0.2-91.1 MozillaFirefox-devel-41.0.2-91.1 MozillaFirefox-translations-common-41.0.2-91.1 MozillaFirefox-translations-other-41.0.2-91.1 References: https://www.suse.com/security/cve/CVE-2015-7184.html https://bugzilla.suse.com/949983 https://bugzilla.suse.com/950686 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org