Articles / SuSE: New XULrunner package…

SuSE: New XULrunner packages fix security issues

Mozilla XULRunner was updated to fix a security issue with the embedded libpng, where a integer overflow could allow remote attackers to crash the browser or potentially execute code. Updated packages are available from download.opensuse.org.

  openSUSE Security Update: mozilla-xulrunner192: 1.9.2.27
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2012:0297-1
Rating:             important
References:         #747328 
Cross-References:   CVE-2011-3026
Affected Products:
                   openSUSE 11.4
______________________________________________________________________________

  An update that fixes one vulnerability is now available. It
  includes 5 new package versions.

Description:

  Mozilla XULRunner was updated to 1.9.2.27 to fix a security
  issue with the embedded libpng, where a integer overflow
  could allow remote attackers to crash the browser or
  potentially execute code (CVE-2011-3026),


Patch Instructions:

  To install this openSUSE Security Update use YaST online_update.
  Alternatively you can run the command listed for your product:

  - openSUSE 11.4:

     zypper in -t patch MozillaFirefox-5825 MozillaThunderbird-5826 mozilla-js192-5832 seamonkey-5834

  To bring your system up-to-date, use "zypper patch".


Package List:

  - openSUSE 11.4 (i586 x86_64) [New Version: 1.9.2.27,10.0.2,2.7.2 and 3.1.19]:

     MozillaFirefox-10.0.2-0.2.1
     MozillaFirefox-branding-upstream-10.0.2-0.2.1
     MozillaFirefox-buildsymbols-10.0.2-0.2.1
     MozillaFirefox-devel-10.0.2-0.2.1
     MozillaFirefox-translations-common-10.0.2-0.2.1
     MozillaFirefox-translations-other-10.0.2-0.2.1
     MozillaThunderbird-3.1.19-0.25.1
     MozillaThunderbird-buildsymbols-3.1.19-0.25.1
     MozillaThunderbird-devel-3.1.19-0.25.1
     MozillaThunderbird-translations-common-3.1.19-0.25.1
     MozillaThunderbird-translations-other-3.1.19-0.25.1
     enigmail-1.1.2+3.1.19-0.25.1
     mozilla-js192-1.9.2.27-0.2.1
     mozilla-xulrunner192-1.9.2.27-0.2.1
     mozilla-xulrunner192-buildsymbols-1.9.2.27-0.2.1
     mozilla-xulrunner192-devel-1.9.2.27-0.2.1
     mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
     mozilla-xulrunner192-translations-common-1.9.2.27-0.2.1
     mozilla-xulrunner192-translations-other-1.9.2.27-0.2.1
     seamonkey-2.7.2-0.2.1
     seamonkey-dom-inspector-2.7.2-0.2.1
     seamonkey-irc-2.7.2-0.2.1
     seamonkey-translations-common-2.7.2-0.2.1
     seamonkey-translations-other-2.7.2-0.2.1
     seamonkey-venkman-2.7.2-0.2.1

  - openSUSE 11.4 (x86_64) [New Version: 1.9.2.27]:

     mozilla-js192-32bit-1.9.2.27-0.2.1
     mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
     mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.2.1
     mozilla-xulrunner192-translations-common-32bit-1.9.2.27-0.2.1
     mozilla-xulrunner192-translations-other-32bit-1.9.2.27-0.2.1


References:

  http://support.novell.com/security/cve/CVE-2011-3026.html
  https://bugzilla.novell.com/747328
Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.