Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[security-announce] SUSE-SU-2013:1153-1: important: Security update for Mozilla Firefox

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

SUSE Security Update: Security update for Mozilla Firefox

______________________________________________________________________________

 

Announcement ID: SUSE-SU-2013:1153-1

Rating: important

References: #825935

Cross-References: CVE-2013-1682 CVE-2013-1684 CVE-2013-1685

CVE-2013-1686 CVE-2013-1687 CVE-2013-1690

CVE-2013-1692 CVE-2013-1693 CVE-2013-1697

 

Affected Products:

SUSE Linux Enterprise Server 11 SP2 for VMware

SUSE Linux Enterprise Server 11 SP2

SUSE Linux Enterprise Server 11 SP1 for VMware LTSS

SUSE Linux Enterprise Server 11 SP1 LTSS

SUSE Linux Enterprise Server 10 SP4

SUSE Linux Enterprise Desktop 11 SP2

SUSE Linux Enterprise Desktop 10 SP4

SLE SDK 10 SP4

______________________________________________________________________________

 

An update that fixes 9 vulnerabilities is now available. It

includes two new package versions.

 

Description:

 

 

Mozilla Firefox has been updated to the 17.0.7 ESR version,

which fixes bugs and security issues.

 

*

 

MFSA 2013-49: Mozilla developers identified and fixed

several memory safety bugs in the browser engine used in

Firefox and other Mozilla-based products. Some of these

bugs showed evidence of memory corruption under certain

circumstances, and we presume that with enough effort at

least some of these could be exploited to run arbitrary

code.

 

Gary Kwong, Jesse Ruderman, and Andrew McCreight

reported memory safety problems and crashes that affect

Firefox ESR 17, and Firefox 21. (CVE-2013-1682)

 

*

 

MFSA 2013-50: Security researcher Abhishek Arya

(Inferno) of the Google Chrome Security Team used the

Address Sanitizer tool to discover a series of

use-after-free problems rated critical as security issues

in shipped software. Some of these issues are potentially

exploitable, allowing for remote code execution. We would

also like to thank Abhishek for reporting additional

use-after-free and buffer overflow flaws in code introduced

during Firefox development. These were fixed before general

release.

 

o Heap-use-after-free in

mozilla::dom::HTMLMediaElement::LookupMediaElementURITable

(CVE-2013-1684) o Heap-use-after-free in

nsIDocument::GetRootElement (CVE-2013-1685) o

Heap-use-after-free in mozilla::ResetDir (CVE-2013-1686)

*

 

MFSA 2013-51 / CVE-2013-1687: Security researcher

Mariusz Mlynski reported that it is possible to compile a

user-defined function in the XBL scope of a specific

element and then trigger an event within this scope to run

code. In some circumstances, when this code is run, it can

access content protected by System Only Wrappers (SOW) and

chrome-privileged pages. This could potentially lead to

arbitrary code execution. Additionally, Chrome Object

Wrappers (COW) can be bypassed by web content to access

privileged methods, leading to a cross-site scripting (XSS)

attack from privileged pages.

 

*

 

MFSA 2013-53 / CVE-2013-1690: Security researcher

Nils reported that specially crafted web content using the

onreadystatechange event and reloading of pages could

sometimes cause a crash when unmapped memory is executed.

This crash is potentially exploitable.

 

*

 

MFSA 2013-54 / CVE-2013-1692: Security researcher

Johnathan Kuskos reported that Firefox is sending data in

the body of XMLHttpRequest (XHR) HEAD requests, which goes

agains the XHR specification. This can potentially be used

for Cross-Site Request Forgery (CSRF) attacks against sites

which do not distinguish between HEAD and POST requests.

 

*

 

MFSA 2013-55 / CVE-2013-1693: Security researcher

Paul Stone of Context Information Security discovered that

timing differences in the processing of SVG format images

with filters could allow for pixel values to be read. This

could potentially allow for text values to be read across

domains, leading to information disclosure.

 

*

 

MFSA 2013-59 / CVE-2013-1697: Mozilla security

researcher moz_bug_r_a4 reported that XrayWrappers can be

bypassed to call content-defined toString and valueOf

methods through DefaultValue. This can lead to unexpected

behavior when privileged code acts on the incorrect values.

 

Security Issue references:

 

* CVE-2013-1682

 

* CVE-2013-1684

 

* CVE-2013-1685

 

* CVE-2013-1686

 

* CVE-2013-1687

 

* CVE-2013-1690

 

* CVE-2013-1692

 

* CVE-2013-1693

 

* CVE-2013-1697

 

 

 

Patch Instructions:

 

To install this SUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

 

- SUSE Linux Enterprise Server 11 SP2 for VMware:

 

zypper in -t patch slessp2-firefox-20130628-7976

 

- SUSE Linux Enterprise Server 11 SP2:

 

zypper in -t patch slessp2-firefox-20130628-7976

 

- SUSE Linux Enterprise Server 11 SP1 for VMware LTSS:

 

zypper in -t patch slessp1-firefox-20130628-7977

 

- SUSE Linux Enterprise Server 11 SP1 LTSS:

 

zypper in -t patch slessp1-firefox-20130628-7977

 

- SUSE Linux Enterprise Desktop 11 SP2:

 

zypper in -t patch sledsp2-firefox-20130628-7976

 

To bring your system up-to-date, use "zypper patch".

 

 

Package List:

 

- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 17.0.7esr]:

 

MozillaFirefox-17.0.7esr-0.3.1

MozillaFirefox-translations-17.0.7esr-0.3.1

 

- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 17.0.7esr]:

 

MozillaFirefox-17.0.7esr-0.3.1

MozillaFirefox-branding-SLED-7-0.6.9.31

MozillaFirefox-translations-17.0.7esr-0.3.1

 

- SUSE Linux Enterprise Server 11 SP1 for VMware LTSS (i586 x86_64) [New Version: 17.0.7esr]:

 

MozillaFirefox-17.0.7esr-0.3.1

MozillaFirefox-translations-17.0.7esr-0.3.1

 

- SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 17.0.7esr and 7]:

 

MozillaFirefox-17.0.7esr-0.3.1

MozillaFirefox-branding-SLED-7-0.6.9.31

MozillaFirefox-translations-17.0.7esr-0.3.1

 

- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 17.0.7esr and 7]:

 

MozillaFirefox-17.0.7esr-0.6.1

MozillaFirefox-branding-SLED-7-0.10.28

MozillaFirefox-translations-17.0.7esr-0.6.1

 

- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 17.0.7esr]:

 

MozillaFirefox-17.0.7esr-0.3.1

MozillaFirefox-branding-SLED-7-0.6.9.31

MozillaFirefox-translations-17.0.7esr-0.3.1

 

- SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 17.0.7esr and 7]:

 

MozillaFirefox-17.0.7esr-0.6.1

MozillaFirefox-branding-SLED-7-0.10.28

MozillaFirefox-translations-17.0.7esr-0.6.1

 

- SLE SDK 10 SP4 (i586 ia64 ppc s390x):

 

MozillaFirefox-branding-upstream-17.0.7esr-0.6.1

 

 

References:

 

http://support.novell.com/security/cve/CVE-2013-1682.html

http://support.novell.com/security/cve/CVE-2013-1684.html

http://support.novell.com/security/cve/CVE-2013-1685.html

http://support.novell.com/security/cve/CVE-2013-1686.html

http://support.novell.com/security/cve/CVE-2013-1687.html

http://support.novell.com/security/cve/CVE-2013-1690.html

http://support.novell.com/security/cve/CVE-2013-1692.html

http://support.novell.com/security/cve/CVE-2013-1693.html

http://support.novell.com/security/cve/CVE-2013-1697.html

https://bugzilla.novell.com/825935

http://download.novell.com/patch/finder/?keywords=061026413fe3bb69a7f42e0b70363e4a

http://download.novell.com/patch/finder/?keywords=1133af3aaf996a7684d227efbb12bd71

http://download.novell.com/patch/finder/?keywords=7d0f6003f49140e3d5ad8c675f178612

 

--

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org

For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

 

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×