Oval Definition:oval:org.opensuse.security:def:80081
Revision Date:2016-02-04Version:1
Title:Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nss (Important)
Description:



This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: (bsc#963520)

Mozilla Firefox was updated to 38.6.0 ESR. Mozilla NSS was updated to 3.20.2.

The following vulnerabilities were fixed:

- CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632) - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635) - CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731)

The following improvements were added:

- bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites - Tracking protection is now enabled by default
Family:unixClass:patch
Status:Reference(s):954447
963520
963632
963635
963731
CVE-2016-1930
CVE-2016-1935
CVE-2016-1938
SUSE-SU-2016:0334-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-38.6.0esr-31.3 is installed
  • OR MozillaFirefox-branding-SLED-38-18.24 is installed
  • OR MozillaFirefox-translations-38.6.0esr-31.3 is installed
  • OR libfreebl3-3.20.2-25.2 is installed
  • OR libfreebl3-32bit-3.20.2-25.2 is installed
  • OR libsoftokn3-3.20.2-25.2 is installed
  • OR libsoftokn3-32bit-3.20.2-25.2 is installed
  • OR mozilla-nss-3.20.2-25.2 is installed
  • OR mozilla-nss-32bit-3.20.2-25.2 is installed
  • OR mozilla-nss-tools-3.20.2-25.2 is installed
    • BACK