openSUSE Security Update: Security update for Firefox ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:2167-1 Rating: moderate References: #990856 #992236 Cross-References: CVE-2016-6354 Affected Products: openSUSE 13.1 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update includes Firefox 48.0.1 to fix a few regressions and a security issue: * Fix an audio regression impacting some major websites * Fix a top crash in the JavaScript engine * Fix a startup crash issue caused by Websense * Fix a different behavior with e10s / non-e10s on select and mouse events * Fix a top crash caused by plugin issues * Fix a shutdown issue * Fix a crash in WebRTC - added upstream patch so system plugins/extensions are correctly loaded again on x86-64 - Fix for possible buffer overrun Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch 2016-1019=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (i586 x86_64): MozillaFirefox-48.0.1-122.3 MozillaFirefox-branding-upstream-48.0.1-122.3 MozillaFirefox-buildsymbols-48.0.1-122.3 MozillaFirefox-debuginfo-48.0.1-122.3 MozillaFirefox-debugsource-48.0.1-122.3 MozillaFirefox-devel-48.0.1-122.3 MozillaFirefox-translations-common-48.0.1-122.3 MozillaFirefox-translations-other-48.0.1-122.3 libfreebl3-3.24-88.1 libfreebl3-debuginfo-3.24-88.1 libsoftokn3-3.24-88.1 libsoftokn3-debuginfo-3.24-88.1 mozilla-nss-3.24-88.1 mozilla-nss-certs-3.24-88.1 mozilla-nss-certs-debuginfo-3.24-88.1 mozilla-nss-debuginfo-3.24-88.1 mozilla-nss-debugsource-3.24-88.1 mozilla-nss-devel-3.24-88.1 mozilla-nss-sysinit-3.24-88.1 mozilla-nss-sysinit-debuginfo-3.24-88.1 mozilla-nss-tools-3.24-88.1 mozilla-nss-tools-debuginfo-3.24-88.1 - openSUSE 13.1 (x86_64): libfreebl3-32bit-3.24-88.1 libfreebl3-debuginfo-32bit-3.24-88.1 libsoftokn3-32bit-3.24-88.1 libsoftokn3-debuginfo-32bit-3.24-88.1 mozilla-nss-32bit-3.24-88.1 mozilla-nss-certs-32bit-3.24-88.1 mozilla-nss-certs-debuginfo-32bit-3.24-88.1 mozilla-nss-debuginfo-32bit-3.24-88.1 mozilla-nss-sysinit-32bit-3.24-88.1 mozilla-nss-sysinit-debuginfo-32bit-3.24-88.1 References: https://www.suse.com/security/cve/CVE-2016-6354.html https://bugzilla.suse.com/990856 https://bugzilla.suse.com/992236