Mailinglist Archive: opensuse-updates (72 mails)

< Previous Next >
openSUSE-SU-2010:0430-4 (important): MozillaThunderbird: Update to 3.0.6 security release
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Mon, 23 Aug 2010 05:08:08 +0200 (CEST)
  • Message-id: <20100823030808.822F8BE29@xxxxxxxxxxxxxx>
openSUSE Security Update: MozillaThunderbird: Update to 3.0.6 security
release
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:0430-4
Rating: important
References: #622506
Affected Products:
openSUSE 11.3
openSUSE 11.2
______________________________________________________________________________

An update that contains security fixes can now be
installed. It includes two new package versions.

Description:

This update brings Mozilla Thunderbird to the 3.0.6
security release.

It fixes following security bugs: MFSA 2010-34 /
CVE-2010-1211: Mozilla developers identified and fixed
several memory safety bugs in the browser engine used in
Firefox and other Mozilla-based products. Some of these
bugs showed evidence of memory corruption under certain
circumstances, and we presume that with enough effort at
least some of these could be exploited to run arbitrary
code. Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor
Bukanov, Gary Kwong, Tobias Markus and Daniel Holbert
reported memory safety problems that affected Firefox 3.6
and Firefox 3.5.

MFSA 2010-39 / CVE-2010-2752: Security researcher J23
reported via TippingPoint's Zero Day Initiative that an
array class used to store CSS values contained an integer
overflow vulnerability. The 16 bit integer value used in
allocating the size of the array could overflow, resulting
in too small a memory buffer being created. When the array
was later populated with CSS values data would be written
past the end of the buffer potentially resulting in the
execution of attacker-controlled memory.

MFSA 2010-40 / CVE-2010-2753: Security researcher
regenrecht reported via TippingPoint's Zero Day Initiative
an integer overflow vulnerability in the implementation of
the XUL <tree> element's selection attribute. When the size
of a new selection is sufficiently large the integer used
in calculating the length of the selection can overflow,
resulting in a bogus range being marked selected. When
adjustSelection is then called on the bogus range the range
is deleted leaving dangling references to the ranges which
could be used by an attacker to call into deleted memory
and run arbitrary code on a victim's computer.

MFSA 2010-41 / CVE-2010-1205: OUSPG researcher Aki Helin
reported a buffer overflow in Mozilla graphics code which
consumes image data processed by libpng. A malformed PNG
file could be created which would cause libpng to
incorrectly report the size of the image to downstream
consumers. When the dimensions of such images are
underreported, the Mozilla code responsible for displaying
the graphic will allocate too small a memory buffer to
contain the image data and will wind up writing data past
the end of the buffer. This could result in the execution
of attacker-controlled memory.

MFSA 2011-42 / CVE-2010-1213: Security researcher Yosuke
Hasegawa reported that the Web Worker method importScripts
can read and parse resources from other domains even when
the content is not valid JavaScript. This is a violation of
the same-origin policy and could be used by an attacker to
steal information from other sites.

MFSA 2010-46 / CVE-2010-0654: Google security researcher
Chris Evans reported that data can be read across domains
by injecting bogus CSS selectors into a target site and
then retrieving the data using JavaScript APIs. If an
attacker can inject opening and closing portions of a CSS
selector into points A and B of a target page, then the
region between the two injection points becomes readable to
JavaScript through, for example, the getComputedStyle() API.

MFSA 2010-47 / CVE-2010-2754: Security researcher Soroush
Dalili reported that potentially sensitive URL parameters
could be leaked across domains upon script errors when the
script filename and line number is included in the error
message.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.3:

zypper in -t patch MozillaThunderbird-2755

- openSUSE 11.2:

zypper in -t patch MozillaThunderbird-2755

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.3 (i586 src x86_64) [New Version: 3.0.6]:

MozillaThunderbird-3.0.6-0.1.1

- openSUSE 11.3 (i586 x86_64) [New Version: 3.0.6]:

MozillaThunderbird-devel-3.0.6-0.1.1
MozillaThunderbird-translations-common-3.0.6-0.1.1
MozillaThunderbird-translations-other-3.0.6-0.1.1
enigmail-1.0.1-3.1.1

- openSUSE 11.2 (i586 src x86_64) [New Version: 3.0.6]:

MozillaThunderbird-3.0.6-0.1.1

- openSUSE 11.2 (i586 x86_64) [New Version: 1.0.1 and 3.0.6]:

MozillaThunderbird-devel-3.0.6-0.1.1
MozillaThunderbird-translations-common-3.0.6-0.1.1
MozillaThunderbird-translations-other-3.0.6-0.1.1
enigmail-1.0.1-1.1.1


References:

https://bugzilla.novell.com/622506


< Previous Next >
This Thread
  • No further messages