openSUSE Security Update: Mozilla Februarys ______________________________________________________________________________ Announcement ID: openSUSE-SU-2013:0324-1 Rating: moderate References: Affected Products: openSUSE 11.4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: Firefox was updated to version 19.0. Seamonkey was updated to version 2.16. Thunderbird was updated to version 17.0.3. * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch 2013-29 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (i586 x86_64): MozillaFirefox-19.0-61.1 MozillaFirefox-branding-upstream-19.0-61.1 MozillaFirefox-buildsymbols-19.0-61.1 MozillaFirefox-debuginfo-19.0-61.1 MozillaFirefox-debugsource-19.0-61.1 MozillaFirefox-devel-19.0-61.1 MozillaFirefox-translations-common-19.0-61.1 MozillaFirefox-translations-other-19.0-61.1 MozillaThunderbird-17.0.3-49.1 MozillaThunderbird-buildsymbols-17.0.3-49.1 MozillaThunderbird-debuginfo-17.0.3-49.1 MozillaThunderbird-debugsource-17.0.3-49.1 MozillaThunderbird-devel-17.0.3-49.1 MozillaThunderbird-devel-debuginfo-17.0.3-49.1 MozillaThunderbird-translations-common-17.0.3-49.1 MozillaThunderbird-translations-other-17.0.3-49.1 enigmail-1.5.1+17.0.3-49.1 enigmail-debuginfo-1.5.1+17.0.3-49.1 seamonkey-2.16-53.1 seamonkey-debuginfo-2.16-53.1 seamonkey-debugsource-2.16-53.1 seamonkey-dom-inspector-2.16-53.1 seamonkey-irc-2.16-53.1 seamonkey-translations-common-2.16-53.1 seamonkey-translations-other-2.16-53.1 seamonkey-venkman-2.16-53.1 References: