[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

openSUSE-SU-2013:1634-1 -- Suse Mozilla

ID: oval:org.secpod.oval:def:400564Date: (C)2013-11-26   (M)2023-12-07
Class: PATCHFamily: unix




Update NSPR to 4.10.1 Update Thunderbird to 24.1.0 Update Firefox to 24.1.0esr Changes in MozillaFirefox: * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 Use-after-free when updating offline cache * MFSA 2013-99/CVE-2013-5598 Security bypass of PDF.js checks using iframes * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 Use-after-free in HTML document templates Changes in MozillaThunderbird: * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 Use-after-free when updating offline cache * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 Use-after-free in HTML document templates - update to Thunderbird 24.0.1 * fqdn for smtp server name was not accepted * fixed crash in PL_strncasecmp - update Enigmail to 1.6 * The passphrase timeout configuration in Enigmail is now read and written from/to gpg-agent. * New dialog to change the expiry date of keys * New function to search for the OpenPGP keys of all Address Book entries on a keyserver * removed obsolete enigmail-build.patch Changes in mozilla-nspr: - update to version 4.10.1 * bmo#888273: RWIN Scaling limited to 2 on Windows 7 and 8 * bmo#907512: Unix platforms shouldn"t mask errors specific to Unix domain sockets

Platform:
openSUSE 11.4
Product:
Mozilla
Reference:
openSUSE-SU-2013:1634-1
CVE-2013-5590
CVE-2013-5591
CVE-2013-5592
CVE-2013-5593
CVE-2013-5595
CVE-2013-5596
CVE-2013-5597
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5603
CVE-2013-5604
CVE-2013-5598
CVE    14
CVE-2013-5595
CVE-2013-5596
CVE-2013-5593
CVE-2013-5591
...
CPE    1
cpe:/o:opensuse:opensuse:11.4

© SecPod Technologies