Mailinglist Archive: opensuse-updates (94 mails)

< Previous Next >
openSUSE-SU-2010:0102-3 (critical): MozillaFirefox-branding-openSUSE: Update to 3.5 branding
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Tue, 13 Apr 2010 22:08:11 +0200 (CEST)
  • Message-id: <20100413200812.01924BE13@xxxxxxxxxxxxxx>
openSUSE Security Update: MozillaFirefox-branding-openSUSE: Update to 3.5
branding
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:0102-3
Rating: critical
References: #586567
Cross-References: CVE-2009-3555 CVE-2010-0173 CVE-2010-0174
CVE-2010-0175 CVE-2010-0176 CVE-2010-0177
CVE-2010-0178 CVE-2010-0179 CVE-2010-0181
CVE-2010-0182
Affected Products:
openSUSE 11.2
openSUSE 11.1
openSUSE 11.0
______________________________________________________________________________

An update that fixes 10 vulnerabilities is now available.
It includes 5 new package versions.

Description:

This patch updates Mozilla Firefox from the 3.0 stable
branch to the 3.5.9 release.

It includes also following security fixes: MFSA 2010-16:
Mozilla developers identified and fixed several stability
bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these crashes showed
evidence of memory corruption under certain circumstances,
and we presume that with enough effort at least some of
these could be exploited to run arbitrary code. References

Martijn Wargers, Josh Soref, and Jesse Ruderman reported
crashes in the browser engine that affected Firefox 3.5 and
Firefox 3.6. (CVE-2010-0173)

Jesse Ruderman and Ehsan Akhgari reported crashes that
affected all supported versions of the browser engine.
(CVE-2010-0174)


MFSA 2010-17 / CVE-2010-0175: Security researcher
regenrecht reported via TippingPoint's Zero Day Initiative
that a select event handler for XUL tree items could be
called after the tree item was deleted. This results in the
execution of previously freed memory which an attacker
could use to crash a victim's browser and run arbitrary
code on the victim's computer.


MFSA 2010-18 / CVE-2010-0176: Security researcher
regenrecht reported via TippingPoint's Zero Day Initiative
an error in the way <option> elements are inserted into a
XUL tree <optgroup>. In certain cases, the number of
references to an <option> element is under-counted so that
when the element is deleted, a live pointer to its old
location is kept around and may later be used. An attacker
could potentially use these conditions to run arbitrary
code on a victim's computer.


MFSA 2010-19 / CVE-2010-0177: Security researcher
regenrecht reported via TippingPoint's Zero Day Initiative
an error in the implementation of the
window.navigator.plugins object. When a page reloads, the
plugins array would reallocate all of its members without
checking for existing references to each member. This could
result in the deletion of objects for which valid pointers
still exist. An attacker could use this vulnerability to
crash a victim's browser and run arbitrary code on the
victim's machine.

MFSA 2010-20 / CVE-2010-0178: Security researcher Paul
Stone reported that a browser applet could be used to turn
a simple mouse click into a drag-and-drop action,
potentially resulting in the unintended loading of
resources in a user's browser. This behavior could be used
twice in succession to first load a privileged chrome: URL
in a victim's browser, then load a malicious javascript:
URL on top of the same document resulting in arbitrary
script execution with chrome privileges.


MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher
moz_bug_r_a4 reported that the XMLHttpRequestSpy module in
the Firebug add-on was exposing an underlying chrome
privilege escalation vulnerability. When the
XMLHttpRequestSpy object was created, it would attach
various properties of itself to objects defined in web
content, which were not being properly wrapped to prevent
their exposure to chrome privileged objects. This could
result in an attacker running arbitrary JavaScript on a
victim's machine, though it required the victim to have
Firebug installed, so the overall severity of the issue was
determined to be High.


MFSA 2010-22 / CVE-2009-3555: Mozilla developers added
support in the Network Security Services module for
preventing a type of man-in-the-middle attack against TLS
using forced renegotiation.

Note that to benefit from the fix, Firefox 3.6 and Firefox
3.5 users will need to set their
security.ssl.require_safe_negotiation preference to true.
Firefox 3 does not contain the fix for this issue.


MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof
reported that when an image tag points to a resource that
redirects to a mailto: URL, the external mail handler
application is launched. This issue poses no security
threat to users but could create an annoyance when browsing
a site that allows users to post arbitrary images.


MFSA 2010-24 / CVE-2010-0182: Mozilla community member
Wladimir Palant reported that XML documents were failing to
call certain security checks when loading new content. This
could result in certain resources being loaded that would
otherwise violate security policies set by the browser or
installed add-ons.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.2:

zypper in -t patch MozillaFirefox-2273

- openSUSE 11.1:

zypper in -t patch MozillaFirefox-branding-openSUSE-2281
firefox35upgrade-2262 mozilla-xulrunner190-2261

- openSUSE 11.0:

zypper in -t patch firefox35upgrade-2262 mozilla-xulrunner190-2261

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.2 (i586 src x86_64) [New Version: 1.9.1.9 and 3.5.9]:

MozillaFirefox-3.5.9-0.1.1
mozilla-xulrunner191-1.9.1.9-1.1.1

- openSUSE 11.2 (i586 x86_64) [New Version: 1.9.1.9 and 3.5.9]:

MozillaFirefox-branding-upstream-3.5.9-0.1.1
MozillaFirefox-translations-common-3.5.9-0.1.1
MozillaFirefox-translations-other-3.5.9-0.1.1
mozilla-xulrunner191-devel-1.9.1.9-1.1.1
mozilla-xulrunner191-gnomevfs-1.9.1.9-1.1.1
mozilla-xulrunner191-translations-common-1.9.1.9-1.1.1
mozilla-xulrunner191-translations-other-1.9.1.9-1.1.1
python-xpcom191-1.9.1.9-1.1.1

- openSUSE 11.2 (x86_64) [New Version: 1.9.1.9]:

mozilla-xulrunner191-32bit-1.9.1.9-1.1.1
mozilla-xulrunner191-gnomevfs-32bit-1.9.1.9-1.1.1

- openSUSE 11.1 (i586 ppc src x86_64) [New Version: 1.9.0.19,3.5 and 3.5.9]:

MozillaFirefox-3.5.9-0.1.1
MozillaFirefox-branding-openSUSE-3.5-10.1.1
beagle-0.3.8-46.35.1
mhtml-firefox-0.5-1.27.2
mozilla-xulrunner190-1.9.0.19-0.1.1
mozilla-xulrunner191-1.9.1.9-1.1.1

- openSUSE 11.1 (i586 ppc x86_64) [New Version: 1.9.0.19 and 3.5.9]:

MozillaFirefox-branding-upstream-3.5.9-0.1.1
MozillaFirefox-translations-common-3.5.9-0.1.1
MozillaFirefox-translations-other-3.5.9-0.1.1
beagle-devel-0.3.8-46.35.1
beagle-epiphany-0.3.8-46.35.1
beagle-evolution-0.3.8-46.35.1
beagle-firefox-0.3.8-46.35.1
beagle-google-0.3.8-46.35.1
beagle-gui-0.3.8-46.35.1
beagle-lang-0.3.8-46.35.1
beagle-thunderbird-0.3.8-46.35.1
mozilla-xulrunner190-devel-1.9.0.19-0.1.1
mozilla-xulrunner190-gnomevfs-1.9.0.19-0.1.1
mozilla-xulrunner190-translations-1.9.0.19-0.1.1
mozilla-xulrunner191-devel-1.9.1.9-1.1.1
mozilla-xulrunner191-gnomevfs-1.9.1.9-1.1.1
mozilla-xulrunner191-translations-common-1.9.1.9-1.1.1
mozilla-xulrunner191-translations-other-1.9.1.9-1.1.1
python-xpcom190-1.9.0.19-0.1.1
python-xpcom191-1.9.1.9-1.1.1

- openSUSE 11.1 (noarch src):

autoconf213-2.13-3.1.1

- openSUSE 11.1 (x86_64) [New Version: 1.9.0.19]:

mozilla-xulrunner190-32bit-1.9.0.19-0.1.1
mozilla-xulrunner190-gnomevfs-32bit-1.9.0.19-0.1.1
mozilla-xulrunner190-translations-32bit-1.9.0.19-0.1.1
mozilla-xulrunner191-32bit-1.9.1.9-1.1.1
mozilla-xulrunner191-gnomevfs-32bit-1.9.1.9-1.1.1

- openSUSE 11.0 (i586 ppc src x86_64) [New Version: 0.5,1.9.0.19 and 3.5.9]:

MozillaFirefox-3.5.9-0.1
beagle-0.3.7-22.2
mhtml-firefox-0.5-2.1
mozilla-xulrunner190-1.9.0.19-0.1
mozilla-xulrunner191-1.9.1.9-1.1

- openSUSE 11.0 (i586 ppc x86_64) [New Version: 1.9.0.19 and 3.5.9]:

MozillaFirefox-branding-upstream-3.5.9-0.1
MozillaFirefox-translations-common-3.5.9-0.1
MozillaFirefox-translations-other-3.5.9-0.1
beagle-devel-0.3.7-22.2
beagle-epiphany-0.3.7-22.2
beagle-evolution-0.3.7-22.2
beagle-firefox-0.3.7-22.2
beagle-google-0.3.7-22.2
beagle-gui-0.3.7-22.2
beagle-lang-0.3.7-22.2
beagle-thunderbird-0.3.7-22.2
mozilla-xulrunner190-devel-1.9.0.19-0.1
mozilla-xulrunner190-gnomevfs-1.9.0.19-0.1
mozilla-xulrunner190-translations-1.9.0.19-0.1
mozilla-xulrunner191-devel-1.9.1.9-1.1
mozilla-xulrunner191-gnomevfs-1.9.1.9-1.1
mozilla-xulrunner191-translations-common-1.9.1.9-1.1
mozilla-xulrunner191-translations-other-1.9.1.9-1.1
python-xpcom191-1.9.1.9-1.1

- openSUSE 11.0 (noarch src):

autoconf213-2.13-3.1

- openSUSE 11.0 (x86_64) [New Version: 1.9.0.19]:

mozilla-xulrunner190-32bit-1.9.0.19-0.1
mozilla-xulrunner190-gnomevfs-32bit-1.9.0.19-0.1
mozilla-xulrunner190-translations-32bit-1.9.0.19-0.1
mozilla-xulrunner191-32bit-1.9.1.9-1.1
mozilla-xulrunner191-gnomevfs-32bit-1.9.1.9-1.1

- openSUSE 11.0 (ppc) [New Version: 1.9.0.19]:

mozilla-xulrunner190-64bit-1.9.0.19-0.1
mozilla-xulrunner190-gnomevfs-64bit-1.9.0.19-0.1
mozilla-xulrunner190-translations-64bit-1.9.0.19-0.1
mozilla-xulrunner191-64bit-1.9.1.9-1.1
mozilla-xulrunner191-gnomevfs-64bit-1.9.1.9-1.1


References:

http://support.novell.com/security/cve/CVE-2009-3555.html
http://support.novell.com/security/cve/CVE-2010-0173.html
http://support.novell.com/security/cve/CVE-2010-0174.html
http://support.novell.com/security/cve/CVE-2010-0175.html
http://support.novell.com/security/cve/CVE-2010-0176.html
http://support.novell.com/security/cve/CVE-2010-0177.html
http://support.novell.com/security/cve/CVE-2010-0178.html
http://support.novell.com/security/cve/CVE-2010-0179.html
http://support.novell.com/security/cve/CVE-2010-0181.html
http://support.novell.com/security/cve/CVE-2010-0182.html
https://bugzilla.novell.com/586567


< Previous Next >
This Thread
  • No further messages