[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

openSUSE-SU-2013:1633-1 -- Suse Mozilla Suite

ID: oval:org.secpod.oval:def:400563Date: (C)2013-11-26   (M)2017-09-22
Class: PATCHFamily: unix




MozillaFirefox was updated to Firefox 25.0. MozillaThunderbird was updated to Thunderbird 24.1.0. Mozilla XULRunner was updated to 17.0.10esr. Mozilla NSPR was updated to 4.10.1. Changes in MozillaFirefox: * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 Use-after-free when updating offline cache * MFSA 2013-99/CVE-2013-5598 Security bypass of PDF.js checks using iframes * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 Use-after-free in HTML document templates Changes in MozillaThunderbird: * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 Use-after-free when updating offline cache * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 Use-after-free in HTML document templates - update to Thunderbird 24.0.1 * fqdn for smtp server name was not accepted * fixed crash in PL_strncasecmp - update Enigmail to 1.6 * The passphrase timeout configuration in Enigmail is now read and written from/to gpg-agent. * New dialog to change the expiry date of keys * New function to search for the OpenPGP keys of all Address Book entries on a keyserver * removed obsolete enigmail-build.patch Changes in xulrunner: - update to 17.0.10esr * require NSS 3.14.4 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-95/CVE-2013-5604 Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-98/CVE-2013-5597 Use-after-free when updating offline cache * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 Memory corruption in workers - update to 17.0.9esr * MFSA 2013-65/CVE-2013-1705 Buffer underflow when generating CRMF requests * MFSA 2013-76/CVE-2013-1718 Miscellaneous memory safety hazards * MFSA 2013-79/CVE-2013-1722 Use-after-free in Animation Manager during stylesheet cloning * MFSA 2013-82/CVE-2013-1725 Calling scope for new Javascript objects can lead to memory corruption * MFSA 2013-88/CVE-2013-1730 Compartment mismatch re-attaching XBL-backed nodes * MFSA 2013-89/CVE-2013-1732 Buffer overflow with multi-column, lists, and floats * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 Memory corruption involving scrolling * MFSA 2013-91/CVE-2013-1737 User-defined properties on DOM proxies get the wrong "this" object Changes in mozilla-nspr: - update to version 4.10.1 * bmo#888273: RWIN Scaling limited to 2 on Windows 7 and 8 * bmo#907512: Unix platforms shouldn"t mask errors specific to Unix domain sockets

Platform:
openSUSE 12.2
openSUSE 12.3
Product:
Mozilla Suite
Reference:
openSUSE-SU-2013:1633-1
CVE-2013-1705
CVE-2013-1718
CVE-2013-1722
CVE-2013-1725
CVE-2013-1730
CVE-2013-1732
CVE-2013-1735
CVE-2013-1736
CVE-2013-1737
CVE-2013-5590
CVE-2013-5591
CVE-2013-5592
CVE-2013-5593
CVE-2013-5595
CVE-2013-5596
CVE-2013-5597
CVE-2013-5598
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5603
CVE-2013-5604
CVE    23
CVE-2013-1705
CVE-2013-1722
CVE-2013-1725
CVE-2013-1718
...

© 2013 SecPod Technologies