[SUSE-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for SUSE Linux Enterprise'

Notification of New SUSE Fixlet Messages suse-announcements at bigmail.bigfix.com
Sat Apr 17 03:11:11 PDT 2010


Fixlet Site - 'Patches for SUSE Linux Enterprise'
Current Version: 316    Published: Fri, 16 Apr 2010 21:29:53 GMT

New Fixlets:
============

***************************************************************
Title: PATCH-B10041201 - Security update for MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-translations, mozilla-xulrunner191, mozilla-xulrunner191-devel, mozilla-xulrunner191-gnomevfs, mozilla-xulrunner191-translations, python-xpcom191 - SLES
Severity: <Unspecified>
Fixlet ID: 1004120101
Fixlet Link: http://download.novell.com/Download?buildid=FfvPaD4q05w~

Fixlet Description: Mozilla Firefox was updated to version 3.5.9, fixing many bugs and security issues. The following security issues were fixed:

MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6 (CVE-2010-0173). Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine (CVE-2010-0174).

MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the use of previously freed memory (a use-after-free), which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer.

MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way option elements are inserted into a XUL tree optgroup. In certain cases the number of references to an option element is under-counted, so that when the element is deleted a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer.

MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine.

MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document, resulting in arbitrary script execution with chrome privileges.

MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome-privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High.

MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. With that preference set, Firefox refuses TLS connections to servers that do not advertise the RFC 5746 renegotiation_info extension, so test it against internal servers before enforcing it fleet-wide. Firefox 3 does not contain the fix for this issue.

MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images.

MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons.

Everyone should update. Please see the patch page for more detailed information.
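The record layout above (Title, Severity, Fixlet ID, Fixlet Link and Fixlet Description, with records separated by rows of asterisks) is simple enough to turn into structured data for a vulnerability tracker, which is how a patch team usually consumes these mails: one SUSE patch ID fans out into several fixlets per platform, and the CVE set for the patch is the union over those variants. The parser below is an added example, not code from BigFix or SUSE. The embedded SAMPLE is a constructed, shortened excerpt in the same layout (including a description that wraps onto a second line, as the long ones in this mail do); the only assumptions are the identifier shapes visible in this notification (PATCH-B…, MFSA YYYY-NN, CVE-YYYY-NNNN, and a buildid query parameter in the link).

```python
"""Turn a BigFix 'New Fixlets' notification into structured records.
Added example, not BigFix or SUSE code. SAMPLE is a constructed,
shortened excerpt in the same layout as the notification above."""
from __future__ import annotations

import re
from dataclasses import dataclass, field

SAMPLE = """\
New Fixlets:
============

***************************************************************
Title: PATCH-B10041201 - Security update for MozillaFirefox - SLES
Severity: <Unspecified>
Fixlet ID: 1004120101
Fixlet Link: http://download.novell.com/Download?buildid=FfvPaD4q05w~

Fixlet Description: Mozilla Firefox was updated to version 3.5.9. MFSA 2010-17 / CVE-2010-0175: a select event handler for XUL tree items could be called after the tree item was deleted. MFSA 2010-22 / CVE-2009-3555: TLS renegotiation handling.
This line continues the description and repeats CVE-2010-0175.

***************************************************************
Title: PATCH-B10041201 - Dependency Conflict - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120106
Fixlet Link: http://download.novell.com/Download?buildid=FfvPaD4q05w~

Fixlet Description: The listed computers have "mozilla-xulrunner190-devel" installed, less than version "1.9.1.9-1.4.1", which conflicts with this security update.
"""

RECORD_SEP = re.compile(r"^\*{10,}[ \t]*$", re.M)
KEY_RE = re.compile(r"^(Title|Severity|Fixlet ID|Fixlet Link|Fixlet Description): ?(.*)$")
TITLE_RE = re.compile(r"^(PATCH-[A-Z0-9]+) - (.+?) - (SLE[SD](?:\d+)?(?: SP\d+)?)$")
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")
MFSA_RE = re.compile(r"MFSA \d{4}-\d{2,}")
BUILDID_RE = re.compile(r"[?&]buildid=([^&\s]+)")


@dataclass
class Fixlet:
    fixlet_id: str
    patch_id: str      # e.g. PATCH-B10041201: one SUSE patch, several fixlets
    kind: str          # 'Security update for ...', 'Dependencies Needed', ...
    platform: str      # SLES, SLED10 SP2, ...
    buildid: str       # opaque Novell download token from the Fixlet Link
    cves: list[str] = field(default_factory=list)
    mfsas: list[str] = field(default_factory=list)


def _fields(block: str) -> dict[str, str]:
    """Collect 'Key: value' lines; a line without a known key continues the
    previous value, because the description may wrap onto several lines."""
    out, last = {}, None
    for line in block.splitlines():
        m = KEY_RE.match(line)
        if m:
            last = m.group(1)
            out[last] = m.group(2).strip()
        elif last and line.strip():
            out[last] += " " + line.strip()
    return out


def parse_notification(text: str) -> list[Fixlet]:
    fixlets = []
    for block in RECORD_SEP.split(text):
        f = _fields(block)
        if "Title" not in f or "Fixlet ID" not in f:
            continue                      # list header or trailing text
        m = TITLE_RE.match(f["Title"])
        if not m:
            raise ValueError(f"unexpected title layout: {f['Title']!r}")
        patch_id, kind, platform = m.groups()
        desc = f.get("Fixlet Description", "")
        b = BUILDID_RE.search(f.get("Fixlet Link", ""))
        fixlets.append(Fixlet(
            fixlet_id=f["Fixlet ID"], patch_id=patch_id, kind=kind,
            platform=platform, buildid=b.group(1) if b else "",
            # dict.fromkeys de-duplicates while keeping first-seen order
            cves=list(dict.fromkeys(CVE_RE.findall(desc))),
            mfsas=list(dict.fromkeys(MFSA_RE.findall(desc))),
        ))
    return fixlets


def cves_by_patch(fixlets: list[Fixlet]) -> dict[str, list[str]]:
    """PATCH id -> sorted CVEs across all platform variants of that patch."""
    out: dict[str, set[str]] = {}
    for fx in fixlets:
        out.setdefault(fx.patch_id, set()).update(fx.cves)
    return {k: sorted(v) for k, v in out.items()}


if __name__ == "__main__":
    records = parse_notification(SAMPLE)
    for fx in records:
        print(fx.fixlet_id, fx.patch_id, fx.platform, fx.kind, fx.cves)
    print(cves_by_patch(records))
```

Feed it the body of a real notification instead of SAMPLE; the "Dependencies Needed" and "Dependency Conflict" records come through with an empty CVE list, which is the right signal that they gate the update rather than fix anything themselves.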

***************************************************************
Title: PATCH-B10041201 - Dependencies Needed - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120102
Fixlet Link: http://download.novell.com/Download?buildid=FfvPaD4q05w~

Fixlet Description: Updated Mozilla Firefox packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following packages must be installed at the specified version or greater: MozillaFirefox-3.5.3-1.4.2.i586.rpm, mozilla-nspr-4.8.2-1.5.1.i586.rpm, mozilla-nss-3.12.6-3.4.1.i586.rpm

***************************************************************
Title: PATCH-B10041201 - Security update for MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-translations, mozilla-xulrunner191, mozilla-xulrunner191-devel, mozilla-xulrunner191-gnomevfs, mozilla-xulrunner191-translations, python-xpcom191 - SLED
Severity: <Unspecified>
Fixlet ID: 1004120103
Fixlet Link: http://download.novell.com/Download?buildid=SbdKhzQkXDc~

Fixlet Description: Mozilla Firefox was updated to version 3.5.9, fixing many bugs and security issues. The following security issues were fixed:

MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6 (CVE-2010-0173). Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine (CVE-2010-0174).

MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the use of previously freed memory (a use-after-free), which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer.

MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way option elements are inserted into a XUL tree optgroup. In certain cases the number of references to an option element is under-counted, so that when the element is deleted a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer.

MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine.

MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document, resulting in arbitrary script execution with chrome privileges.

MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome-privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High.

MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. With that preference set, Firefox refuses TLS connections to servers that do not advertise the RFC 5746 renegotiation_info extension, so test it against internal servers before enforcing it fleet-wide. Firefox 3 does not contain the fix for this issue.

MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images.

MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons.

Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041201 - Dependencies Needed - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120104
Fixlet Link: http://download.novell.com/Download?buildid=SbdKhzQkXDc~

Fixlet Description: Updated Mozilla Firefox packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following packages must be installed at the specified version or greater: MozillaFirefox-3.5.3-1.4.2.i586.rpm, mozilla-nspr-4.8.2-1.5.1.i586.rpm

***************************************************************
Title: PATCH-B10041201 - Dependency Conflict - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120106
Fixlet Link: http://download.novell.com/Download?buildid=FfvPaD4q05w~

Fixlet Description: Updated Mozilla XULRunner packages that address a security vulnerability are now available. However, the listed computers have the package "mozilla-xulrunner190-devel" installed at a version less than "1.9.1.9-1.4.1", which conflicts with this security update. You must uninstall or upgrade this package for this security update to become relevant.

***************************************************************
Title: PATCH-B10041201 - Dependency Conflict - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120108
Fixlet Link: http://download.novell.com/Download?buildid=SbdKhzQkXDc~

Fixlet Description: Updated Mozilla XULRunner packages that address a security vulnerability are now available. However, the listed computers have the package "mozilla-xulrunner190-devel" installed at a version less than "1.9.1.9-1.4.1", which conflicts with this security update. You must uninstall or upgrade this package for this security update to become relevant.
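The "Dependencies Needed" and "Dependency Conflict" fixlets above encode one relevance rule: the security update applies only once every listed package is installed at the stated version or greater, and only while no conflicting package remains installed below the stated threshold. Getting that right depends on comparing versions the way rpm does, not as strings ("1.9.0.19" is newer than "1.9.0.9", and "1.0~rc1" is older than "1.0"). The script below is an added example, not part of the BigFix site or SUSE's tooling: it reproduces the check offline against a constructed package inventory in the shape of rpm -qa output, using an implementation of rpm's segment comparison (rpmvercmp rules: numeric segments compare numerically and beat alphabetic ones, a tilde sorts before anything, and with equal leading segments the longer string is newer). The package names and thresholds are taken from the PATCH-B10041201 SLES10 SP2 fixlets; the installed versions are invented for the demonstration. It ignores architecture, so a multilib host with both i586 and x86_64 copies needs a per-architecture inventory.

```python
"""Offline re-implementation of the 'Dependencies Needed' / 'Dependency
Conflict' relevance logic. Added example, not BigFix or SUSE code.
Assumes rpm's version comparison rules (rpmvercmp); ignores architecture.
"""
import re

# Constructed inventory, in the shape of
#   rpm -qa --queryformat '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'
# The installed versions are invented for the demonstration.
INSTALLED = """\
MozillaFirefox-3.5.3-1.4.2.i586
mozilla-nspr-4.8.0-1.3.2.i586
mozilla-xulrunner190-devel-1.9.0.15-0.2.1.i586
"""

# Thresholds from the PATCH-B10041201 SLES10 SP2 fixlets.
REQUIRED = [
    "MozillaFirefox-3.5.3-1.4.2.i586.rpm",
    "mozilla-nspr-4.8.2-1.5.1.i586.rpm",
    "mozilla-nss-3.12.6-3.4.1.i586.rpm",
]
CONFLICT = ("mozilla-xulrunner190-devel", "1.9.1.9-1.4.1")

_SEG = re.compile(r"\d+|[A-Za-z]+|~")   # separators ('.', '-', '_') are dropped


def rpmvercmp(a: str, b: str) -> int:
    """Compare two version or release strings as rpm does. Returns -1, 0, 1."""
    if a == b:
        return 0
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x == "~" or y == "~":             # '~' (pre-release) sorts first
            if x != y:
                return -1 if x == "~" else 1
            continue
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # numeric segments: numeric order
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric beats alphabetic
        if x != y:
            return 1 if x > y else -1
    rest = sa[len(sb):] or sb[len(sa):]      # segments left in the longer one
    if not rest:
        return 0
    a_longer = len(sa) > len(sb)
    if rest[0] == "~":                        # leftover is a pre-release tag
        return -1 if a_longer else 1
    return 1 if a_longer else -1


def split_evr(evr: str):
    """'[epoch:]version-release' -> (epoch, version, release)."""
    epoch = 0
    if ":" in evr:
        e, evr = evr.split(":", 1)
        epoch = int(e)
    version, _, release = evr.partition("-")
    return epoch, version, release


def parse_nevra(pkg: str):
    """'name-version-release.arch[.rpm]' -> (name, epoch, version, release, arch)."""
    if pkg.endswith(".rpm"):
        pkg = pkg[:-4]
    body, _, arch = pkg.rpartition(".")
    nv, _, release = body.rpartition("-")
    name, _, version = nv.rpartition("-")
    epoch, version, _ = split_evr(version)
    return name, epoch, version, release, arch


def evrcmp(a, b) -> int:
    """Compare (epoch, version, release) tuples; epoch wins, then version, then release."""
    if a[0] != b[0]:
        return 1 if a[0] > b[0] else -1
    return rpmvercmp(a[1], b[1]) or rpmvercmp(a[2], b[2])


def inventory(rpm_qa: str) -> dict:
    inv = {}
    for line in rpm_qa.splitlines():
        if line.strip():
            name, epoch, version, release, _arch = parse_nevra(line.strip())
            inv[name] = (epoch, version, release)
    return inv


def dependencies_needed(inv: dict, required: list) -> list:
    """Names of required packages that are missing or older than the stated version."""
    needed = []
    for pkg in required:
        name, epoch, version, release, _arch = parse_nevra(pkg)
        have = inv.get(name)
        if have is None or evrcmp(have, (epoch, version, release)) < 0:
            needed.append(name)
    return needed


def dependency_conflict(inv: dict, name: str, evr: str) -> bool:
    """True while `name` is installed below `evr`: the update is not relevant
    until that package is upgraded or removed."""
    have = inv.get(name)
    return have is not None and evrcmp(have, split_evr(evr)) < 0


if __name__ == "__main__":
    inv = inventory(INSTALLED)
    print("dependencies needed:", dependencies_needed(inv, REQUIRED))
    print("conflict blocks update:", dependency_conflict(inv, *CONFLICT))
```

On the constructed inventory this reports mozilla-nspr (too old) and mozilla-nss (absent) as needed, and flags the old mozilla-xulrunner190-devel as a conflict, which is exactly the state in which the main security fixlet would not yet be relevant on that host.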

***************************************************************
Title: PATCH-B10041202 - Security update for Mozilla XULRunner - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120201
Fixlet Link: http://download.novell.com/Download?buildid=E2yviphzK3A~

Fixlet Description: Mozilla XULRunner was updated to version 1.9.0.19, fixing many bugs and security issues. The following security issues were fixed:

MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6 (CVE-2010-0173). Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine (CVE-2010-0174).

MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the use of previously freed memory (a use-after-free), which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer.

MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way option elements are inserted into a XUL tree optgroup. In certain cases the number of references to an option element is under-counted, so that when the element is deleted a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer.

MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine.

MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document, resulting in arbitrary script execution with chrome privileges.

MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome-privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High.

MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. With that preference set, Firefox refuses TLS connections to servers that do not advertise the RFC 5746 renegotiation_info extension, so test it against internal servers before enforcing it fleet-wide. Firefox 3 does not contain the fix for this issue.

MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images.

MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons.

Please install this update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041202 - Dependencies Needed - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120202
Fixlet Link: http://download.novell.com/Download?buildid=E2yviphzK3A~

Fixlet Description: Updated Mozilla XULRunner packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following packages must be installed at the specified version or greater: mozilla-nspr-4.8.2-1.5.1.i586.rpm, mozilla-nss-3.12.3.1-1.4.2.i586.rpm

***************************************************************
Title: PATCH-B10041202 - Security update for Mozilla XULRunner - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120203
Fixlet Link: http://download.novell.com/Download?buildid=cPNTrN9Ea7w~

Fixlet Description: Mozilla XULRunner was updated to version 1.9.0.19, fixing many bugs and security issues. The following security issues were fixed:

MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6 (CVE-2010-0173). Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine (CVE-2010-0174).

MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the use of previously freed memory (a use-after-free), which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer.

MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way option elements are inserted into a XUL tree optgroup. In certain cases the number of references to an option element is under-counted, so that when the element is deleted a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer.

MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine.

MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document, resulting in arbitrary script execution with chrome privileges.

MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome-privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High.

MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. With that preference set, Firefox refuses TLS connections to servers that do not advertise the RFC 5746 renegotiation_info extension, so test it against internal servers before enforcing it fleet-wide. Firefox 3 does not contain the fix for this issue.

MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images.

MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons.

Please install this update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041202 - Dependencies Needed - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120204
Fixlet Link: http://download.novell.com/Download?buildid=cPNTrN9Ea7w~

Fixlet Description: Updated Mozilla Firefox packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following packages must be installed at the specified version or greater: MozillaFirefox-3.5.3-1.4.2.i586.rpm, mozilla-nspr-4.8.2-1.5.1.i586.rpm

***************************************************************
Title: PATCH-B10041202 - Dependency Conflict - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120206
Fixlet Link: http://download.novell.com/Download?buildid=E2yviphzK3A~

Fixlet Description: Updated Mozilla XULRunner packages that address a security vulnerability are now available. However, the listed computers have the package "mozilla-xulrunner190-devel" installed at a version less than "1.9.0.19-0.4.1", which conflicts with this security update. You must uninstall or upgrade this package for this security update to become relevant.

***************************************************************
Title: PATCH-B10041202 - Dependency Conflict - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120208
Fixlet Link: http://download.novell.com/Download?buildid=cPNTrN9Ea7w~

Fixlet Description: Updated Mozilla XULRunner packages that address a security vulnerability are now available. However, the listed computers have the package "mozilla-xulrunner190-devel" installed at a version less than "1.9.0.19-0.4.1", which conflicts with this security update. You must uninstall or upgrade this package for this security update to become relevant.

***************************************************************
Title: PATCH-B10041203 - Security update for Mozilla NSS - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120301
Fixlet Link: http://download.novell.com/Download?buildid=-btHz1HvKcw~

Fixlet Description: Mozilla NSS was updated to version 3.12.6. This fixes all currently known issues in mozilla-nss, and also implements the new TLS/SSL renegotiation handling (CVE-2009-3555). Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B10041203 - Security update for Mozilla NSS - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1004120303
Fixlet Link: http://download.novell.com/Download?buildid=cByWP1kmLW4~

Fixlet Description: Mozilla NSS was updated to version 3.12.6. This fixes all currently known issues in mozilla-nss, and also implements the new TLS/SSL renegotiation handling (CVE-2009-3555). Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B10041204 - Security update for Mozilla Firefox - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120401
Fixlet Link: http://download.novell.com/Download?buildid=10uk46Q-KVA~

Fixlet Description: Mozilla Firefox was updated to version 3.5.9, fixing many bugs and security issues. The following security issues were fixed:

MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6 (CVE-2010-0173). Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine (CVE-2010-0174).

MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the use of previously freed memory (a use-after-free), which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer.

MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way option elements are inserted into a XUL tree optgroup. In certain cases the number of references to an option element is under-counted, so that when the element is deleted a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer.

MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine.

MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document, resulting in arbitrary script execution with chrome privileges.

MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome-privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High.

MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. With that preference set, Firefox refuses TLS connections to servers that do not advertise the RFC 5746 renegotiation_info extension, so test it against internal servers before enforcing it fleet-wide. Firefox 3 does not contain the fix for this issue.

MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images.

MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons.

Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041204 - Dependencies Needed - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120402
Fixlet Link: http://download.novell.com/Download?buildid=10uk46Q-KVA~

Fixlet Description: Updated Mozilla Firefox packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following package must be installed at the specified version or greater: mozilla-nspr-4.8.2-1.5.1.i586.rpm

***************************************************************
Title: PATCH-B10041204 - Security update for Mozilla Firefox - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120403
Fixlet Link: http://download.novell.com/Download?buildid=a3WZ7db5tgY~

Fixlet Description: Mozilla Firefox was updated to version 3.5.9, fixing many bugs and security issues. The following security issues were fixed:
MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References: Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6 (CVE-2010-0173). Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine (CVE-2010-0174).
MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the execution of previously freed memory, which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer.
MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way option elements are inserted into a XUL tree optgroup. In certain cases, the number of references to an option element is under-counted, so that when the element is deleted, a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer.
MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine.
MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document, resulting in arbitrary script execution with chrome privileges.
MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High.
MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. Firefox 3 does not contain the fix for this issue.
MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images.
MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons.
Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041204 - Dependencies Needed - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120404
Fixlet Link: http://download.novell.com/Download?buildid=a3WZ7db5tgY~

Fixlet Description: Updated Mozilla Firefox packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following packages must be installed at the specified version or greater: mozilla-nspr-4.8.2-1.5.1.i586.rpm, mozilla-nss-3.12.6-3.4.1.i586.rpm

***************************************************************
Title: PATCH-B10041205 - Security update for Mozilla XULrunner - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120501
Fixlet Link: http://download.novell.com/Download?buildid=_mNThVaL2dw~

Fixlet Description: Mozilla XULRunner was updated to version 1.9.0.19, fixing many bugs and security issues. The following security issues were fixed:
MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References: Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6 (CVE-2010-0173). Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine (CVE-2010-0174).
MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the execution of previously freed memory, which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer.
MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way option elements are inserted into a XUL tree optgroup. In certain cases, the number of references to an option element is under-counted, so that when the element is deleted, a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer.
MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine.
MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document, resulting in arbitrary script execution with chrome privileges.
MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High.
MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. Firefox 3 does not contain the fix for this issue.
MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images.
MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons.
Please install this update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041205 - Dependencies Needed - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120502
Fixlet Link: http://download.novell.com/Download?buildid=_mNThVaL2dw~

Fixlet Description: Updated Mozilla XULRunner packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following packages must be installed at the specified version or greater: mozilla-nspr-4.8.2-1.5.1.i586.rpm, mozilla-nss-3.12.6-3.4.1.i586.rpm

***************************************************************
Title: PATCH-B10041205 - Security update for Mozilla XULrunner - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120503
Fixlet Link: http://download.novell.com/Download?buildid=qVQoh-YqzgU~

Fixlet Description: Mozilla XULRunner was updated to version 1.9.0.19, fixing many bugs and security issues. The following security issues were fixed:
MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. References: Martijn Wargers, Josh Soref, and Jesse Ruderman reported crashes in the browser engine that affected Firefox 3.5 and Firefox 3.6 (CVE-2010-0173). Jesse Ruderman and Ehsan Akhgari reported crashes that affected all supported versions of the browser engine (CVE-2010-0174).
MFSA 2010-17 / CVE-2010-0175: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the execution of previously freed memory, which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer.
MFSA 2010-18 / CVE-2010-0176: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way option elements are inserted into a XUL tree optgroup. In certain cases, the number of references to an option element is under-counted, so that when the element is deleted, a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer.
MFSA 2010-19 / CVE-2010-0177: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine.
MFSA 2010-20 / CVE-2010-0178: Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document, resulting in arbitrary script execution with chrome privileges.
MFSA 2010-21 / CVE-2010-0179: Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High.
MFSA 2010-22 / CVE-2009-3555: Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation. Note that to benefit from the fix, Firefox 3.6 and Firefox 3.5 users will need to set their security.ssl.require_safe_negotiation preference to true. Firefox 3 does not contain the fix for this issue.
MFSA 2010-23 / CVE-2010-0181: phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images.
MFSA 2010-24 / CVE-2010-0182: Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons.
Please install this update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041205 - Dependencies Needed - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120504
Fixlet Link: http://download.novell.com/Download?buildid=qVQoh-YqzgU~

Fixlet Description: Updated Mozilla XULRunner packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following packages must be installed at the specified version or greater: mozilla-nspr-4.8.2-1.5.1.i586.rpm, mozilla-nss-3.12.6-3.4.1.i586.rpm

***************************************************************
Title: PATCH-B10041206 - Security update for Mozilla NSS - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120601
Fixlet Link: http://download.novell.com/Download?buildid=DVjgHeK8fhw~

Fixlet Description: Mozilla NSS was updated to version 3.12.6. This fixes all currently known issues in mozilla-nss, and also implements the new TLS/SSL renegotiation handling (CVE-2009-3555). Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041206 - Dependencies Needed - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120602
Fixlet Link: http://download.novell.com/Download?buildid=DVjgHeK8fhw~

Fixlet Description: Updated Mozilla NSS packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following package must be installed at the specified version or greater: mozilla-nspr-4.8.2-1.5.1.i586.rpm

***************************************************************
Title: PATCH-B10041206 - Security update for Mozilla NSS - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120603
Fixlet Link: http://download.novell.com/Download?buildid=f45crZSJ38g~

Fixlet Description: Mozilla NSS was updated to version 3.12.6. This fixes all currently known issues in mozilla-nss, and also implements the new TLS/SSL renegotiation handling (CVE-2009-3555). Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041206 - Dependencies Needed - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1004120604
Fixlet Link: http://download.novell.com/Download?buildid=f45crZSJ38g~

Fixlet Description: Updated Mozilla NSS packages are now available for SuSE Linux Enterprise 10. However, these packages have dependencies that must be resolved. The following package must be installed at the specified version or greater: mozilla-nspr-4.8.2-1.5.1.i586.rpm

***************************************************************
Title: PATCH-B10041401 - Security update for pango - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1004140101
Fixlet Link: http://download.novell.com/Download?buildid=6jsaUKkSTKY~

Fixlet Description: This update of pango fixes a memory corruption bug that could possibly be exploited to execute arbitrary code remotely. The bug could be triggered while processing fonts from untrusted sources (CVE-2010-0421). Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041401 - Security update for pango - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1004140103
Fixlet Link: http://download.novell.com/Download?buildid=efUlEqLyJ2Y~

Fixlet Description: This update of pango fixes a memory corruption bug that could possibly be exploited to execute arbitrary code remotely. The bug could be triggered while processing fonts from untrusted sources (CVE-2010-0421). Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041402 - Security update for kdm - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1004140201
Fixlet Link: http://download.novell.com/Download?buildid=RYH5vc7Yb8g~

Fixlet Description: The KDE display manager kdm contains a race condition which allows local attackers to make arbitrary files world writable. CVE-2010-0436 has been assigned to this issue. Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041403 - Security update for kdm - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1004140301
Fixlet Link: http://download.novell.com/Download?buildid=4vwZXT9EE7Q~

Fixlet Description: The KDE display manager kdm contains a race condition which allows local attackers to make arbitrary files world writable. CVE-2010-0436 has been assigned to this issue. Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041403 - Security update for kdm - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1004140303
Fixlet Link: http://download.novell.com/Download?buildid=UB3Kooi2G08~

Fixlet Description: The KDE display manager kdm contains a race condition which allows local attackers to make arbitrary files world writable. CVE-2010-0436 has been assigned to this issue. Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041404 - Security update for pango - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 1004140401
Fixlet Link: http://download.novell.com/Download?buildid=4M58KawDqmg~

Fixlet Description: This update of pango fixes a memory corruption bug that could possibly be exploited to execute arbitrary code remotely. The bug could be triggered while processing fonts from untrusted sources (CVE-2010-0421). Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041404 - Security update for pango - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1004140403
Fixlet Link: http://download.novell.com/Download?buildid=eAXJ_M5On_A~

Fixlet Description: This update of pango fixes a memory corruption bug that could possibly be exploited to execute arbitrary code remotely. The bug could be triggered while processing fonts from untrusted sources (CVE-2010-0421). Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041405 - Security update for gimp - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1004140501
Fixlet Link: http://download.novell.com/Download?buildid=MXrbGfts-ys~

Fixlet Description: Integer overflows in the BMP and PSD plug-ins potentially allowed attackers to execute arbitrary code on the victim's system by tricking the victim into opening specially crafted files.
CVE-2009-1570: CVSS v2 Base Score: 4.3 (moderate) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Numeric Errors (CWE-189)
CVE-2009-3909: CVSS v2 Base Score: 4.3 (moderate) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Numeric Errors (CWE-189)
Everyone should update. Please see the patch page for more detailed information.

***************************************************************
Title: PATCH-B10041406 - Security update for gimp - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 1004140601
Fixlet Link: http://download.novell.com/Download?buildid=XKDHHN39mgM~

Fixlet Description: Integer overflows in the BMP and PSD plug-ins potentially allowed attackers to execute arbitrary code on the victim's system by tricking the victim into opening specially crafted files.
CVE-2009-1570: CVSS v2 Base Score: 4.3 (moderate) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Numeric Errors (CWE-189)
CVE-2009-3909: CVSS v2 Base Score: 4.3 (moderate) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Numeric Errors (CWE-189)
Everyone should update. Please see the patch page for more detailed information.
