Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:openSUSE: Security Advisory for Mozilla Firefox and others (openSUSE-SU-2013:0630-1)
Summary:The remote host is missing an update for the 'Mozilla Firefox and others'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'Mozilla Firefox and others'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The Mozilla suite received security and bugfix updates:

Mozilla Firefox was updated to version 20.0. Mozilla
Thunderbird was updated to version 17.0.5. Mozilla
Seamonkey was updated to version 17.0.5. Mozilla XULRunner
was updated to version 17.0.5. mozilla-nss was updated to
version 3.14.3. mozilla-nspr was updated to version 4.9.6.

mozilla-nspr was updated to version 4.9.6:

* aarch64 support

* added PL_SizeOfArenaPoolExcludingPool function

* Auto detect android api version for x86 (bmo#782214)

* Initialize Windows CRITICAL_SECTIONs without debug info
and with nonzero spin count (bmo#812085) Previous update
to version 4.9.5

* bmo#634793: define NSPR's exact-width integer types
PRInt{N} and PRUint{N} types to match the
exact-width integer types int{N}_t and uint{N}_t.

* bmo#782815: passing 'int *' to parameter of type
'unsigned int *' in setsockopt().

* bmo#822932: Port bmo#802527 (NDK r8b support for x86) to

* bmo#824742: NSPR shouldn't require librt on Android.

* bmo#831793: data race on lib-&>refCount in

mozilla-nss was updated to version 3.14.3:

* disable tests with expired certificates

* add SEC_PKCS7VerifyDetachedSignatureAtTime using patch
from mozilla tree to fulfill Firefox 21 requirements

* No new major functionality is introduced in this release.
This release is a patch release to address CVE-2013-1620

* 'certutil -a' was not correctly producing ASCII output as
requested. (bmo#840714)

* NSS 3.14.2 broke compilation with older versions of
sqlite that lacked the SQLITE_FCNTL_TEMPFILENAME file
control. NSS 3.14.3 now properly compiles when used with
older versions of sqlite (bmo#837799) - remove

* add arm aarch64 support

* added system-sqlite.patch (bmo#837799)

* do not depend on latest sqlite just for a #define

* enable system sqlite usage again

* update to 3.14.2

* required for Firefox &>= 20

* removed obsolete nssckbi update patch

* MFSA 2013-40/CVE-2013-0791 (bmo#629816) Out-of-bounds
array read in CERT_DecodeCertPackage

* disable system sqlite usage since we depend on 3.7.15
which is not provided in any openSUSE distribution

* add nss-sqlitename.patch to avoid any name clash

Changes in MozillaFirefox:

- update to Firefox 20.0 (bnc#813026)

* requires NSPR 4.9.5 and NSS 3.14.3

* MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous
memory safety hazards

* MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds

Affected Software/OS:
Mozilla Firefox and others on openSUSE 12.2, openSUSE 12.1

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-0788
Debian Security Information: DSA-2699 (Google Search)
RedHat Security Advisories: RHSA-2013:0696
RedHat Security Advisories: RHSA-2013:0697
SuSE Security Announcement: SUSE-SU-2013:0645 (Google Search)
SuSE Security Announcement: SUSE-SU-2013:0850 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0630 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0631 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0875 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2013-0789
Common Vulnerability Exposure (CVE) ID: CVE-2013-0791
BugTraq ID: 58826
RedHat Security Advisories: RHSA-2013:1135
RedHat Security Advisories: RHSA-2013:1144
Common Vulnerability Exposure (CVE) ID: CVE-2013-0792
Common Vulnerability Exposure (CVE) ID: CVE-2013-0793
BugTraq ID: 58837
Common Vulnerability Exposure (CVE) ID: CVE-2013-0794
Common Vulnerability Exposure (CVE) ID: CVE-2013-0795
Common Vulnerability Exposure (CVE) ID: CVE-2013-0796
Common Vulnerability Exposure (CVE) ID: CVE-2013-0800
Common Vulnerability Exposure (CVE) ID: CVE-2013-1620
BugTraq ID: 57777
BugTraq ID: 64758
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.