[security-announce] openSUSE-SU-2015:0677-1: important: Security update for MozillaFirefox, MozillaThunderbird, mozilla-nspr
openSUSE Security Update: Security update for MozillaFirefox, MozillaThunderbird, mozilla-nspr
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2015:0677-1
Rating:             important
References:         #925368 #925392 #925393 #925394 #925395 #925396 #925397
                    #925398 #925399 #925400 #925401 #925402 #926166
Cross-References:   CVE-2015-0799 CVE-2015-0801 CVE-2015-0802 CVE-2015-0803
                    CVE-2015-0804 CVE-2015-0805 CVE-2015-0806 CVE-2015-0807
                    CVE-2015-0808 CVE-2015-0811 CVE-2015-0812 CVE-2015-0813
                    CVE-2015-0814 CVE-2015-0815 CVE-2015-0816
Affected Products:
                    openSUSE 13.2
                    openSUSE 13.1
______________________________________________________________________________

   An update that fixes 15 vulnerabilities is now available.

Description:

   Mozilla Firefox and Thunderbird were updated to fix several important
   vulnerabilities.

   Mozilla Firefox was updated to 37.0.1.
   Mozilla Thunderbird was updated to 31.6.0.
   mozilla-nspr was updated to 4.10.8 as a dependency.

   The following vulnerabilities were fixed in Mozilla Firefox:

   * Miscellaneous memory safety hazards
     (MFSA 2015-30/CVE-2015-0814/CVE-2015-0815 boo#925392)
   * Use-after-free when using the Fluendo MP3 GStreamer plugin
     (MFSA 2015-31/CVE-2015-0813 bmo#1106596 boo#925393)
   * Add-on lightweight theme installation approval bypassed through MITM
     attack (MFSA 2015-32/CVE-2015-0812 bmo#1128126 boo#925394)
   * resource:// documents can load privileged pages
     (MFSA 2015-33/CVE-2015-0816 bmo#1144991 boo#925395)
   * Out of bounds read in QCMS library
     (MFSA 2015-34/CVE-2015-0811 bmo#1132468 boo#925396)
   * Incorrect memory management for simple-type arrays in WebRTC
     (MFSA 2015-36/CVE-2015-0808 bmo#1109552 boo#925397)
   * CORS requests should not follow 30x redirections after preflight
     (MFSA 2015-37/CVE-2015-0807 bmo#1111834 boo#925398)
   * Memory corruption crashes in Off Main Thread Compositing
     (MFSA 2015-38/CVE-2015-0805/CVE-2015-0806 bmo#1135511 bmo#1099437
     boo#925399)
   * Use-after-free due to type confusion flaws
     (MFSA 2015-39/CVE-2015-0803/CVE-2015-0804 bmo#1134560 boo#925400)
   * Same-origin bypass through anchor navigation
     (MFSA 2015-40/CVE-2015-0801 bmo#1146339 boo#925401)
   * Windows can retain access to privileged content on navigation to
     unprivileged pages (MFSA 2015-42/CVE-2015-0802 bmo#1124898 boo#925402)

   The following vulnerability was fixed in functionality that was never
   released as an update to openSUSE:

   * Certificate verification could be bypassed through the HTTP/2 Alt-Svc
     header (MFSA 2015-44/CVE-2015-0799 bmo#1148328 bnc#926166)

   The functionality added in 37.0 and therefore removed again in 37.0.1 was:

   * Opportunistically encrypt HTTP traffic where the server supports
     HTTP/2 AltSvc

   The following functionality was added or updated in Mozilla Firefox:

   * Heartbeat user rating system
   * Yandex set as default search provider for the Turkish locale
   * Bing search now uses HTTPS for secure searching
   * Improved protection against site impersonation via OneCRL centralized
     certificate revocation
   * some more behaviour changes for TLS

   The following vulnerabilities were fixed in Mozilla Thunderbird:

   * Miscellaneous memory safety hazards
     (MFSA 2015-30/CVE-2015-0814/CVE-2015-0815 boo#925392)
   * Use-after-free when using the Fluendo MP3 GStreamer plugin
     (MFSA 2015-31/CVE-2015-0813 bmo#1106596 boo#925393)
   * resource:// documents can load privileged pages
     (MFSA 2015-33/CVE-2015-0816 bmo#1144991 boo#925395)
   * CORS requests should not follow 30x redirections after preflight
     (MFSA 2015-37/CVE-2015-0807 bmo#1111834 boo#925398)
   * Same-origin bypass through anchor navigation
     (MFSA 2015-40/CVE-2015-0801 bmo#1146339 boo#925401)

   mozilla-nspr was updated to 4.10.8 as a dependency and received the
   following changes:

   * bmo#573192: remove the stack-based PRFileDesc cache.
   * bmo#756047: check for _POSIX_THREAD_PRIORITY_SCHEDULING > 0 instead of
     only checking if the identifier is defined.
   * bmo#1089908: Fix variable shadowing in _PR_MD_LOCKFILE. Use
     PR_ARRAY_SIZE to get the array size of _PR_RUNQ(t->cpu).
   * bmo#1106600: Replace PR_ASSERT(!"foo") with PR_NOT_REACHED("foo") to
     fix clang -Wstring-conversion warnings.

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.2:

      zypper in -t patch openSUSE-2015-290=1

   - openSUSE 13.1:

      zypper in -t patch openSUSE-2015-290=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE 13.2 (i586 x86_64):

      MozillaFirefox-37.0.1-23.1
      MozillaFirefox-branding-upstream-37.0.1-23.1
      MozillaFirefox-buildsymbols-37.0.1-23.1
      MozillaFirefox-debuginfo-37.0.1-23.1
      MozillaFirefox-debugsource-37.0.1-23.1
      MozillaFirefox-devel-37.0.1-23.1
      MozillaFirefox-translations-common-37.0.1-23.1
      MozillaFirefox-translations-other-37.0.1-23.1
      MozillaThunderbird-31.6.0-15.3
      MozillaThunderbird-buildsymbols-31.6.0-15.3
      MozillaThunderbird-debuginfo-31.6.0-15.3
      MozillaThunderbird-debugsource-31.6.0-15.3
      MozillaThunderbird-devel-31.6.0-15.3
      MozillaThunderbird-translations-common-31.6.0-15.3
      MozillaThunderbird-translations-other-31.6.0-15.3
      mozilla-nspr-4.10.8-6.1
      mozilla-nspr-debuginfo-4.10.8-6.1
      mozilla-nspr-debugsource-4.10.8-6.1
      mozilla-nspr-devel-4.10.8-6.1

   - openSUSE 13.2 (x86_64):

      mozilla-nspr-32bit-4.10.8-6.1
      mozilla-nspr-debuginfo-32bit-4.10.8-6.1

   - openSUSE 13.1 (i586 x86_64):

      MozillaFirefox-37.0.1-68.1
      MozillaFirefox-branding-upstream-37.0.1-68.1
      MozillaFirefox-buildsymbols-37.0.1-68.1
      MozillaFirefox-debuginfo-37.0.1-68.1
      MozillaFirefox-debugsource-37.0.1-68.1
      MozillaFirefox-devel-37.0.1-68.1
      MozillaFirefox-translations-common-37.0.1-68.1
      MozillaFirefox-translations-other-37.0.1-68.1
      MozillaThunderbird-31.6.0-70.50.2
      MozillaThunderbird-buildsymbols-31.6.0-70.50.2
      MozillaThunderbird-debuginfo-31.6.0-70.50.2
      MozillaThunderbird-debugsource-31.6.0-70.50.2
      MozillaThunderbird-devel-31.6.0-70.50.2
      MozillaThunderbird-translations-common-31.6.0-70.50.2
      MozillaThunderbird-translations-other-31.6.0-70.50.2
      mozilla-nspr-4.10.8-22.1
      mozilla-nspr-debuginfo-4.10.8-22.1
      mozilla-nspr-debugsource-4.10.8-22.1
      mozilla-nspr-devel-4.10.8-22.1

   - openSUSE 13.1 (x86_64):

      mozilla-nspr-32bit-4.10.8-22.1
      mozilla-nspr-debuginfo-32bit-4.10.8-22.1

References:

   https://www.suse.com/security/cve/CVE-2015-0799.html
   https://www.suse.com/security/cve/CVE-2015-0801.html
   https://www.suse.com/security/cve/CVE-2015-0802.html
   https://www.suse.com/security/cve/CVE-2015-0803.html
   https://www.suse.com/security/cve/CVE-2015-0804.html
   https://www.suse.com/security/cve/CVE-2015-0805.html
   https://www.suse.com/security/cve/CVE-2015-0806.html
   https://www.suse.com/security/cve/CVE-2015-0807.html
   https://www.suse.com/security/cve/CVE-2015-0808.html
   https://www.suse.com/security/cve/CVE-2015-0811.html
   https://www.suse.com/security/cve/CVE-2015-0812.html
   https://www.suse.com/security/cve/CVE-2015-0813.html
   https://www.suse.com/security/cve/CVE-2015-0814.html
   https://www.suse.com/security/cve/CVE-2015-0815.html
   https://www.suse.com/security/cve/CVE-2015-0816.html
   https://bugzilla.suse.com/925368
   https://bugzilla.suse.com/925392
   https://bugzilla.suse.com/925393
   https://bugzilla.suse.com/925394
   https://bugzilla.suse.com/925395
   https://bugzilla.suse.com/925396
   https://bugzilla.suse.com/925397
   https://bugzilla.suse.com/925398
   https://bugzilla.suse.com/925399
   https://bugzilla.suse.com/925400
   https://bugzilla.suse.com/925401
   https://bugzilla.suse.com/925402
   https://bugzilla.suse.com/926166

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
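The Patch Instructions above tell you how to install the fix; what an administrator usually also wants is a way to confirm, across many hosts, that the installed Mozilla packages are at or above the version-release pairs in the Package List. The script below is an added example and is not part of the openSUSE advisory. The fixed version-release strings are copied from the advisory's package lists for openSUSE 13.2 and 13.1; the "installed" input is a constructed sample in the shape of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'` output, so the example runs offline. It assumes GNU coreutils `sort -V` for version ordering, which is good enough for these dotted numeric versions but is not a full rpmvercmp (no epoch or tilde handling).

```shell
#!/bin/sh
# Added example: verify that the Mozilla packages on an openSUSE host are at
# or above the versions shipped in openSUSE-SU-2015:0677-1.

# Fixed NAME VERSION-RELEASE pairs, taken from the advisory's package lists.
FIXED_13_2='MozillaFirefox 37.0.1-23.1
MozillaThunderbird 31.6.0-15.3
mozilla-nspr 4.10.8-6.1'

FIXED_13_1='MozillaFirefox 37.0.1-68.1
MozillaThunderbird 31.6.0-70.50.2
mozilla-nspr 4.10.8-22.1'

# Constructed sample of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'`
# output for one openSUSE 13.2 host: Firefox and nspr still on older builds,
# Thunderbird already patched.  Not real data; the unrelated bash line shows
# that packages outside the advisory are ignored.
SAMPLE_INSTALLED='MozillaFirefox 36.0.4-15.1
MozillaThunderbird 31.6.0-15.3
mozilla-nspr 4.10.7-3.1
bash 4.2-75.4.1'

# vercmp_lt A B: succeed when VERSION-RELEASE string A is older than B.
# Relies on GNU `sort -V`, which orders dotted numeric components naturally
# and treats the VERSION-RELEASE dash as an ordinary separator.
vercmp_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# check_host FIXED_LIST INSTALLED_LIST: one line per advisory package,
# reporting VULNERABLE, PATCHED or NOT-INSTALLED against that host.
check_host() {
    fixed=$1
    installed=$2
    printf '%s\n' "$fixed" | while read -r name fixver; do
        # First installed version for this exact package name, if any.
        instver=$(printf '%s\n' "$installed" |
                  awk -v n="$name" '$1 == n { print $2; exit }')
        if [ -z "$instver" ]; then
            printf '%s - NOT-INSTALLED\n' "$name"
        elif vercmp_lt "$instver" "$fixver"; then
            printf '%s %s VULNERABLE (fixed in %s)\n' "$name" "$instver" "$fixver"
        else
            printf '%s %s PATCHED\n' "$name" "$instver"
        fi
    done
}

# count_vulnerable FIXED_LIST INSTALLED_LIST: number of packages still
# below the fixed version; 0 means the host carries the whole update.
count_vulnerable() {
    check_host "$1" "$2" | awk '/VULNERABLE/ { c++ } END { print c + 0 }'
}

# Stand-alone run against the constructed sample (openSUSE 13.2 versions).
# On a live host, replace SAMPLE_INSTALLED with
#   "$(rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n')"
# and pick FIXED_13_1 or FIXED_13_2 to match the product.
check_host "$FIXED_13_2" "$SAMPLE_INSTALLED"
```

A non-zero result from `count_vulnerable` is the signal to run the `zypper in -t patch openSUSE-2015-290=1` command from the Patch Instructions on that host. Comparing against the exact version-release from the advisory, rather than against the upstream 37.0.1 / 31.6.0 / 4.10.8 versions alone, also catches hosts that picked up the new upstream version from a third-party repository without the openSUSE build.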