Mailinglist Archive: opensuse-updates (200 mails)

< Previous Next >
openSUSE-SU-2013:0875-1: moderate: seamonkey: 2.17 update
openSUSE Security Update: seamonkey: 2.17 update
______________________________________________________________________________

Announcement ID: openSUSE-SU-2013:0875-1
Rating: moderate
References: #813026 #814101
Cross-References: CVE-2013-0788 CVE-2013-0789 CVE-2013-0792
CVE-2013-0793 CVE-2013-0794 CVE-2013-0795
CVE-2013-0796 CVE-2013-0800
Affected Products:
openSUSE 12.3
______________________________________________________________________________

An update that fixes 8 vulnerabilities is now available.

Description:


Seamonkey was updated to the 2.17 release, fixing bugs and
security issues:


- update to SeaMonkey 2.17 (bnc#813026)
* requires NSPR 4.9.5 and NSS 3.14.3
* mozilla-webrtc-ppc.patch included upstream
* MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous
memory safety hazards
* MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds
write in Cairo library
* MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash
with Mesa graphics driver on Linux
* MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW
protections allows cloning of protected nodes
* MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of
tab-modal dialog origin disclosure
* MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site
scripting (XSS) using timed history navigations
* MFSA 2013-39/CVE-2013-0792 (bmo#722831) Memory
corruption while rendering grayscale PNG images
- use GStreamer 1.0 starting with 12.3
(mozilla-gstreamer-1.patch)
- revert to use GStreamer 0.10 on 12.3 (bnc#814101) (remove
mozilla-gstreamer-1.patch)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.3:

zypper in -t patch openSUSE-2013-400

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.3 (i586 x86_64):

seamonkey-2.17-1.8.4
seamonkey-debuginfo-2.17-1.8.4
seamonkey-debugsource-2.17-1.8.4
seamonkey-dom-inspector-2.17-1.8.4
seamonkey-irc-2.17-1.8.4
seamonkey-translations-common-2.17-1.8.4
seamonkey-translations-other-2.17-1.8.4
seamonkey-venkman-2.17-1.8.4


References:

http://support.novell.com/security/cve/CVE-2013-0788.html
http://support.novell.com/security/cve/CVE-2013-0789.html
http://support.novell.com/security/cve/CVE-2013-0792.html
http://support.novell.com/security/cve/CVE-2013-0793.html
http://support.novell.com/security/cve/CVE-2013-0794.html
http://support.novell.com/security/cve/CVE-2013-0795.html
http://support.novell.com/security/cve/CVE-2013-0796.html
http://support.novell.com/security/cve/CVE-2013-0800.html
https://bugzilla.novell.com/813026
https://bugzilla.novell.com/814101


< Previous Next >
This Thread
  • No further messages