SUSE-SU-2015:1268-1 -- SLES MozillaFirefox, libfreebl3, libsoftokn3, mozilla-nspr, mozilla-nssID: oval:org.secpod.oval:def:89045470 | Date: (C)2021-08-04 (M)2024-02-19 |
Class: PATCH | Family: unix |
MozillaFirefox, mozilla-nspr and mozilla-nss were updated to fix 17 security issues. For more details please check the changelogs. These security issues were fixed: - CVE-2015-2724/CVE-2015-2725/CVE-2015-2726: Miscellaneous memory safety hazards . - CVE-2015-2728: Type confusion in Indexed Database Manager . - CVE-2015-2730: ECDSA signature validation fails to handle some signatures correctly . - CVE-2015-2722/CVE-2015-2733: Use-after-free in workers while using XMLHttpRequest . - CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737/CVE-2015-2738/CVE-2 015-2739/CVE-2015-2740: Vulnerabilities found through code inspection . - CVE-2015-2743: Privilege escalation in PDF.js . - CVE-2015-4000: NSS accepts export-length DHE keys with regular DHE cipher suites . - CVE-2015-2721: NSS incorrectly permits skipping of ServerKeyExchange . This non-security issue was fixed: - bsc#908275: Firefox did not print in landscape orientation.
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
MozillaFirefox |
libfreebl3 |
libsoftokn3 |
mozilla-nspr |
mozilla-nss |