Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
patchinfo.3323
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.3323
<patchinfo incident="3323"> <packager>pcerny</packager> <issue tracker="bnc" id="1009026">VUL-0: MozillaFirefox 50 / 45.5 ESR security release</issue> <issue tracker="bnc" id="992549">L3: MozillaFirefox-45.2.0esr shipped with SLED 12 SP1 fails to go into fullscreen mode</issue> <issue tracker="cve" id="2016-5291"/> <issue tracker="cve" id="2016-5290"/> <issue tracker="cve" id="2016-5297"/> <issue tracker="cve" id="2016-5296"/> <issue tracker="cve" id="2016-9064"/> <issue tracker="cve" id="2016-9066"/> <issue tracker="cve" id="2016-9074"/> <issue tracker="bnc" id="1010401">VUL-0: CVE-2016-5297: MozillaFirefox: Incorrect argument length checking in JavaScript</issue> <issue tracker="bnc" id="1010422">VUL-0: CVE-2016-9074: mozilla-nss: Insufficient timing side-channel resistance in divSpoiler</issue> <issue tracker="bnc" id="1010404">VUL-0: CVE-2016-9066: MozillaFirefox: Integer overflow leading to a buffer overflow in nsScriptLoadHandler</issue> <issue tracker="bnc" id="1010395">VUL-0: CVE-2016-5296: MozillaFirefox: Heap-buffer-overflow WRITE in rasterize_edges_1</issue> <issue tracker="bnc" id="1010402">VUL-0: CVE-2016-9064: MozillaFirefox: Add-ons update must verify IDs match between current and new versions</issue> <issue tracker="bnc" id="1010427">VUL-0: CVE-2016-5290: MozillaFirefox: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5</issue> <issue tracker="bnc" id="1010410">VUL-0: CVE-2016-5291: MozillaFirefox: Same-origin policy violation using local HTML file and saved shortcut file</issue> <issue tracker="cve" id="2016-5285"/> <issue tracker="bnc" id="1010517"/> <category>security</category> <rating>important</rating> <summary>Security update for MozillaFirefox, mozilla-nss</summary> <description>This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5 (bsc#1009026): - CVE-2016-5297: Incorrect argument length checking in Javascript (bsc#1010401) - CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bsc#1010404) - CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bsc#1010395) - CVE-2016-9064: Addons update must verify IDs match between current and new versions (bsc#1010402) - CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5 (bsc#1010427) - CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bsc#1010410) The following vulnerabilities were fixed in mozilla-nss 3.21.3: - CVE-2016-9074: Insufficient timing side-channel resistance in divSpoiler (bsc#1010422) - CVE-2016-5285: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash (bsc#1010517) The following bugs were fixed: - Firefox would fail to go into fullscreen mode with some window managers (bsc#992549) The Mozilla Firefox changelog was amended to document patched dropped in a previous update. </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor