Mailinglist Archive: opensuse-updates (114 mails)

< Previous Next >
openSUSE-SU-2014:1346-1: moderate: update for MozillaThunderbird
openSUSE Security Update: update for MozillaThunderbird
______________________________________________________________________________

Announcement ID: openSUSE-SU-2014:1346-1
Rating: moderate
References: #900941
Cross-References: CVE-2014-1574 CVE-2014-1576 CVE-2014-1577
CVE-2014-1578 CVE-2014-1581 CVE-2014-1585
CVE-2014-1586
Affected Products:
openSUSE 13.1
______________________________________________________________________________

An update that fixes 7 vulnerabilities is now available.

Description:


- update to Thunderbird 31.2.0 (bnc#900941)
* MFSA 2014-74/CVE-2014-1574 Miscellaneous memory safety hazards
* MFSA 2014-75/CVE-2014-1576 (bmo#1041512) Buffer overflow during CSS
manipulation
* MFSA 2014-76/CVE-2014-1577 (bmo#1012609) Web Audio memory corruption
issues with custom waveforms
* MFSA 2014-77/CVE-2014-1578 (bmo#1063327) Out-of-bounds write with WebM
video
* MFSA 2014-79/CVE-2014-1581 (bmo#1068218) Use-after-free interacting
with text directionality
* MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981)
Inconsistent video sharing within iframe


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2014-613

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.1 (i586 x86_64):

MozillaThunderbird-31.2.0-70.35.2
MozillaThunderbird-buildsymbols-31.2.0-70.35.2
MozillaThunderbird-debuginfo-31.2.0-70.35.2
MozillaThunderbird-debugsource-31.2.0-70.35.2
MozillaThunderbird-devel-31.2.0-70.35.2
MozillaThunderbird-translations-common-31.2.0-70.35.2
MozillaThunderbird-translations-other-31.2.0-70.35.2


References:

http://support.novell.com/security/cve/CVE-2014-1574.html
http://support.novell.com/security/cve/CVE-2014-1576.html
http://support.novell.com/security/cve/CVE-2014-1577.html
http://support.novell.com/security/cve/CVE-2014-1578.html
http://support.novell.com/security/cve/CVE-2014-1581.html
http://support.novell.com/security/cve/CVE-2014-1585.html
http://support.novell.com/security/cve/CVE-2014-1586.html
https://bugzilla.suse.com/show_bug.cgi?id=900941


< Previous Next >
This Thread
  • No further messages