Solution
Please Install the Updated Packages.
Insight
MozillaFirefox was updated to Firefox 25.0.
MozillaThunderbird was updated to Thunderbird 24.1.0.
Mozilla XULRunner was updated to 17.0.10esr. Mozilla NSPR was updated to 4.10.1.
Changes in MozillaFirefox:
* requires NSS 3.15.2 or above
* MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards
* MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing addressbar through SELECT element
* MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access
violation with XSLT and uninitialized data
* MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions
* MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to cycle collected object during image decoding
* MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache
* MFSA 2013-99/CVE-2013-5598 (bmo#920515) Security bypass of PDF.js checks using iframes
* MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing
* MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory
corruption in workers
* MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free in HTML document templates
Changes in MozillaThunderbird:
* requires NSS 3.15.2 or above
* MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards
* MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing addressbar through SELECT element
* MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access
violation with XSLT and uninitialized data
* MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions
* MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to cycle collected object during image decoding
* MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache
* MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing
* MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory
corruption in workers
* MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free in HTML document templates
- update to Thunderbird 24.0.1
* fqdn for smtp server name was not accepted (bmo#913785) * fixed crash in PL_strncasecmp (bmo#917955)
- update Enigmail to 1.6
* The passphrase timeout configuration in Enigmail is now read and written from/to gpg-agent.
* New dialog to change the expiry date of keys
* New function to search for the OpenPGP keys of all Add ...
Description truncated, for more information please check the Reference URL
Affected
Mozilla Suite on openSUSE 12.2
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities