Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:openSUSE: Security Advisory for Mozilla Firefox and others (openSUSE-SU-2013:0631-1)
Summary:The remote host is missing an update for the 'Mozilla Firefox and others'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'Mozilla Firefox and others'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The Mozilla suite received security and bugfix updates:

Firefox was updated to version 20.0. Thunderbird was
updated to version 17.0.5. Seamonkey was updated to version
2.17 mozilla-nss was updated to version 3.14.3.
mozilla-nspr was updated to version 4.9.6.

mozilla-nspr was updated to version 4.9.6:

* aarch64 support

* added PL_SizeOfArenaPoolExcludingPool function

* Auto detect android api version for x86 (bmo#782214)

* Initialize Windows CRITICAL_SECTIONs without debug info
and with nonzero spin count (bmo#812085) Previous update
to version 4.9.5

* bmo#634793: define NSPR's exact-width integer types
PRInt{N} and PRUint{N} types to match the
exact-width integer types int{N}_t and uint{N}_t.

* bmo#782815: passing 'int *' to parameter of type
'unsigned int *' in setsockopt().

* bmo#822932: Port bmo#802527 (NDK r8b support for x86) to

* bmo#824742: NSPR shouldn't require librt on Android.

* bmo#831793: data race on lib-&>refCount in

mozilla-nss was updated to version 3.14.3:

* disable tests with expired certificates

* add SEC_PKCS7VerifyDetachedSignatureAtTime using patch
from mozilla tree to fulfill Firefox 21 requirements

* No new major functionality is introduced in this release.
This release is a patch release to address CVE-2013-1620

* 'certutil -a' was not correctly producing ASCII output as
requested. (bmo#840714)

* NSS 3.14.2 broke compilation with older versions of
sqlite that lacked the SQLITE_FCNTL_TEMPFILENAME file
control. NSS 3.14.3 now properly compiles when used with
older versions of sqlite (bmo#837799) - remove

* add aarch64 support

* added system-sqlite.patch (bmo#837799)

* do not depend on latest sqlite just for a #define

* enable system sqlite usage again

* update to 3.14.2

* required for Firefox &>= 20

* removed obsolete nssckbi update patch

* MFSA 2013-40/CVE-2013-0791 (bmo#629816) Out-of-bounds
array read in CERT_DecodeCertPackage

* disable system sqlite usage since we depend on 3.7.15
which is not provided in any openSUSE distribution

* add nss-sqlitename.patch to avoid any name clash

Changes in MozillaFirefox:

- update to Firefox 20.0 (bnc#813026)

* requires NSPR 4.9.5 and NSS 3.14.3

* MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous
memory safety hazards

* MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds
write in Cairo library

* MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash
with Mesa graphics driver on Linux

Affected Software/OS:
Mozilla Firefox and others on openSUSE 11.4

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-0788
Debian Security Information: DSA-2699 (Google Search)
RedHat Security Advisories: RHSA-2013:0696
RedHat Security Advisories: RHSA-2013:0697
SuSE Security Announcement: SUSE-SU-2013:0645 (Google Search)
SuSE Security Announcement: SUSE-SU-2013:0850 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0630 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0631 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0875 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2013-0789
Common Vulnerability Exposure (CVE) ID: CVE-2013-0792
Common Vulnerability Exposure (CVE) ID: CVE-2013-0793
BugTraq ID: 58837
Common Vulnerability Exposure (CVE) ID: CVE-2013-0794
Common Vulnerability Exposure (CVE) ID: CVE-2013-0795
Common Vulnerability Exposure (CVE) ID: CVE-2013-0796
Common Vulnerability Exposure (CVE) ID: CVE-2013-0800
Common Vulnerability Exposure (CVE) ID: CVE-2013-1620
BugTraq ID: 57777
BugTraq ID: 64758
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
RedHat Security Advisories: RHSA-2013:1135
RedHat Security Advisories: RHSA-2013:1144
Common Vulnerability Exposure (CVE) ID: CVE-2013-0791
BugTraq ID: 58826
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.