Bug 712224 - (CVE-2011-2989) VUL-0: MozillaFirefox 6 / 3.6.20 security update round
(CVE-2011-2989)
VUL-0: MozillaFirefox 6 / 3.6.20 security update round
Status: RESOLVED FIXED
: 711954 (view as bug list)
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: General
unspecified
Other Other
: P1 - Urgent : Critical
: ---
Assigned To: Petr Cerny
Security Team bot
maint:released:11.3:42735 maint:relea...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-08-15 11:19 UTC by Marcus Meissner
Modified: 2020-04-05 18:15 UTC (History)
4 users (show)

See Also:
Found By: Third Party Developer/Partner
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2011-08-15 11:19:02 UTC
Aug 16 will be the release of Firefox 3.6.20 and Firefox 6.

This is the trackerbug.
Comment 1 Swamp Workflow Management 2011-08-15 11:20:08 UTC
The SWAMPID for this issue is 42663.
This issue was rated as important.
Please submit fixed packages until 2011-08-22.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 2 Wolfgang Rosenauer 2011-08-15 11:25:32 UTC
I had filed bug 711954 about it. (and obviously didn't add the right people ;-))
Comment 3 Marcus Meissner 2011-08-15 11:32:30 UTC
*** Bug 711954 has been marked as a duplicate of this bug. ***
Comment 4 Marcus Meissner 2011-08-15 11:32:59 UTC
yes ;)

from your bug:
MozillaFirefox 3.6.20
mozilla-xulrunner192 1.9.2.20
MozillaFirefox 6 ("security" update to 5)
MozillaThunderbird 3.1.12
MozillaThunderbird 6 ("security" update to 5)
Comment 5 Wolfgang Rosenauer 2011-08-15 11:37:07 UTC
And another one:
Seamonkey 2.2 -> 2.3
Comment 6 Marcus Meissner 2011-08-17 14:06:02 UTC
firefox 6:
Mozilla Foundation Security Advisory 2011-29 (MFSA 2011-29)

* Miscellaneous memory safety hazards:
  Mozilla identified and fixed several memory safety bugs in the 
  browser engine used in Firefox 4, Firefox 5 and other Mozilla-based
  products. Some of these bugs showed evidence of memory corruption
  under certain circumstances, and we presume that with enough effort
  at least some of these could be exploited to run arbitrary code.

  Aral Yaman reported a WebGL crash which affected Firefox 4 and Firefox 5.
  (CVE-2011-2989)

  Vivekanand Bolajwar reported a JavaScript crash which affected Firefox 4
  and Firefox 5. (CVE-2011-2991)

  Bert Hubert and Theo Snelleman of Fox-IT reported a crash in the Ogg
  reader which affected Firefox 4 and Firefox 5. (CVE-2011-2992)

  Mozilla developers and community members Robert Kaiser, Jesse Ruderman, 
  moz_bug_r_a4, Mardeg, Gary Kwong, Christoph Diehl, Martijn Wargers,
  Travis Emmitt, Bob Clary and Jonathan Watt reported memory safety
  issues which affected Firefox 4 and Firefox 5. (CVE-2011-2985)
                                

* Unsigned scripts can call script inside signed JAR
  Rafael Gieschke reported that unsigned JavaScript could call into script 
  inside a signed JAR thereby inheriting the identity of the site that
  signed the JAR as well as any permissions that a user had granted the
  signed JAR. (CVE-2011-2993)
                        
* String crash using WebGL shaders
  Michael Jordon of Context IS reported that an overly long shader program 
  could cause a buffer overrun and crash in a string class used to store
  the shader source code. (CVE-2011-2988)

* Heap overflow in ANGLE library
  Michael Jordon of Context IS reported a potentially exploitable heap 
  overflow in the ANGLE library used by Mozilla's WebGL implementation. (CVE-2011-2987)

* Crash in SVGTextElement.getCharNumAtPosition()
  Security researcher regenrecht reported via TippingPoint's Zero Day 
  Initiative that a SVG text manipulation routine contained a dangling
  pointer vulnerability. (CVE-2011-0084)

* Credential leakage using Content Security Policy reports
  Mike Cardwell reported that Content Security Policy violation reports 
  failed to strip out proxy authorization credentials from the list of
  request headers. Daniel Veditz reported that redirecting to a website
  with Content Security Policy resulted in the incorrect resolution of
  hosts in the constructed policy. (CVE-2011-2990)

* Cross-origin data theft using canvas and Windows D2D
  nasalislarvatus3000 reported that when using Windows D2D hardware
  acceleration, image data from one domain could be inserted into a
  canvas and read by a different domain. (CVE-2011-2986)
Comment 7 Marcus Meissner 2011-08-17 14:15:07 UTC
3.6.20:

Mozilla Foundation Security Advisory 2011-30 (MFSA 2011-30)

* Miscellaneous memory safety hazards

  Mozilla developers and community members identified and fixed several
  memory safety bugs in the browser engine used in Firefox 3.6 and other
  Mozilla-based products. Some of these bugs showed evidence of memory
  corruption under certain circumstances, and we presume that with enough
  effort at least some of these could be exploited to run arbitrary code.

  Gary Kwong, Igor Bukanov, Nils and Bob Clary reported memory safety 
  issues which affected Firefox 3.6. (CVE-2011-2982)
  
* Crash in SVGTextElement.getCharNumAtPosition()

  Security researcher regenrecht reported via TippingPoint's Zero Day 
  Initiative that a SVG text manipulation routine contained a dangling
  pointer vulnerability. (CVE-2011-0084)

* Privilege escalation using event handlers

  Mozilla security researcher moz_bug_r_a_4 reported a vulnerability in 
  event management code that would permit JavaScript to be run in the
  wrong context, including that of a different website or potentially
  in a chrome-privileged context. (CVE-2011-2981)

* Dangling pointer vulnerability in appendChild

  Security researcher regenrecht reported via TippingPoint's Zero Day 
  Initiative that appendChild did not correctly account for DOM objects it
  operated upon and could be exploited to dereference an invalid 
  pointer. (CVE-2011-2378)

* Privilege escalation dropping a tab element in content area

  Mozilla security researcher moz_bug_r_a4 reported that web content 
  could receive chrome privileges if it registered for drop events and
  a browser tab element was dropped into the content area. (CVE-2011-2984)

* Binary planting vulnerability in ThinkPadSensor::Startup

  Security researcher Mitja Kolsek of Acros Security reported that 
  ThinkPadSensor::Startup could potentially be exploited to load a
  malicious DLL into the running process. (CVE-2011-2980)
  (This issue is likely Windows only)

* Private data leakage using RegExp.input

  Security researcher shutdown reported that data from other domains 
  could be read when RegExp.input was set. (CVE-2011-2983)
Comment 8 Marcus Meissner 2011-08-17 14:25:41 UTC
wolfgang, I do not see the 11.3 MozillaThunderbird? (11.4 is there)
Comment 9 Marcus Meissner 2011-08-17 14:26:33 UTC
11.4 neither, there is just a enigmal release nr fix in the local submit.
Comment 10 Marcus Meissner 2011-08-17 14:30:28 UTC
seamonkey 2.3:

Mozilla Foundation Security Advisory 2011-33

* Miscellaneous memory safety hazards (rv:4.0)
  Mozilla identified and fixed several memory safety bugs in the browser
  engine used in SeaMonkey 2.2 and other Mozilla-based products. Some
  of these bugs showed evidence of memory corruption under certain
  circumstances, and we presume that with enough effort at least some
  of these could be exploited to run arbitrary code.

  Aral Yaman reported a WebGL crash which affected SeaMonkey 2.2. (CVE-2011-2989)

  Vivekanand Bolajwar reported a JavaScript crash which affected SeaMonkey 2.2. (CVE-2011-2991)

  Bert Hubert and Theo Snelleman of Fox-IT reported a crash in the Ogg
  reader which affected SeaMonkey 2.2. (CVE-2011-2992)

  Mozilla developers and community members Robert Kaiser, Jesse Ruderman,
  moz_bug_r_a4, Mardeg, Gary Kwong, Christoph Diehl, Martijn Wargers,
  Travis Emmitt, Bob Clary and Jonathan Watt reported memory safety
  issues which affected SeaMonkey 2.2. (CVE-2011-2985)

* Unsigned scripts can call script inside signed JAR

  Rafael Gieschke reported that unsigned JavaScript could call into script 
  inside a signed JAR thereby inheriting the identity of the site that
  signed the JAR as well as any permissions that a user had granted the
  signed JAR. (CVE-2011-2993)

* String crash using WebGL shaders

  Michael Jordon of Context IS reported that an overly long shader program 
  could cause a buffer overrun and crash in a string class used to store
  the shader source code. (CVE-2011-2988)

* Heap overflow in ANGLE library

  Michael Jordon of Context IS reported a potentially exploitable 
  heap overflow in the ANGLE library used by Mozilla's WebGL
  implementation. (CVE-2011-2987)

* Crash in SVGTextElement.getCharNumAtPosition()

  Security researcher regenrecht reported via TippingPoint's Zero Day 
  Initiative that a SVG text manipulation routine contained a dangling
  pointer vulnerability. (CVE-2011-0084)

* Credential leakage using Content Security Policy reports

  Mike Cardwell reported that Content Security Policy violation reports 
  failed to strip out proxy authorization credentials from the list of
  request headers. Daniel Veditz reported that redirecting to a website
  with Content Security Policy resulted in the incorrect resolution of
  hosts in the constructed policy. (CVE-2011-2990)

* Cross-origin data theft using canvas and Windows D2D

  nasalislarvatus3000 reported that when using Windows D2D hardware
  acceleration, image data from one domain could be inserted into a
  canvas and read by a different domain. (CVE-2011-2986)
Comment 11 Marcus Meissner 2011-08-17 14:41:12 UTC
so: MozillaThunderbird for oS: missing

But also SLE submits missing: Petr?
Comment 12 Wolfgang Rosenauer 2011-08-17 19:23:00 UTC
I will provide Thunderbird asap. I'm travelling and it just needs fixing up the changelogs.

There is a problem with seamonkey on 11.3. Version 2.3 is the only current supported version but afaik fails to build on 11.3 because of too old yasm. How do we proceed with that?
Comment 13 Bernhard Wiedemann 2011-08-17 21:00:08 UTC
This is an autogenerated message for OBS integration:
This bug (712224) was mentioned in
https://build.opensuse.org/request/show/79168 11.4 / MozillaThunderbird
https://build.opensuse.org/request/show/79169 11.3 / MozillaThunderbird
https://build.opensuse.org/request/show/79170 Evergreen:11.2 / MozillaThunderbird
https://build.opensuse.org/request/show/79171 Evergreen:11.1 / MozillaThunderbird
Comment 14 Marcus Meissner 2011-08-18 12:11:59 UTC
why does just seamonkey fail with yasm?

I guess we could update yasm to a newer version by gut feeling.
Comment 15 Wolfgang Rosenauer 2011-08-18 12:18:49 UTC
(In reply to comment #14)
> why does just seamonkey fail with yasm?

Because the higher requirement came with Gecko 2 and we still have Gecko 1.9.2 backed apps only on 11.3 and older

> I guess we could update yasm to a newer version by gut feeling.

That's your call. In the mozilla repo I'm using a newer yasm for older dists w/o issues.
Comment 16 Marcus Meissner 2011-08-18 14:29:13 UTC
i will just put up a 11.3 yasm update to 11.4 level. package and patchinfo si already submittedc.
Comment 17 Marcus Meissner 2011-08-19 08:43:38 UTC
ff 6 on 11.4 did not build due to:

checking for NSPR - version >= 4.8.8... no
configure: error: your don't have NSPR installed or your version is too old
*** Fix above errors and then restart with               "make -f client.mk build"

So we need to rev NSPR and probably also NSS.

Wolfgang, could you submit the current mozilla-nss and -nspr too for 11.4? We just take it with this update. (Should we do it for 11.3 too? will seamonkey 2.3 require it?)
Comment 18 Wolfgang Rosenauer 2011-08-19 09:34:17 UTC
Will submit them asap. Seamonkey will require them as well as it's the same engine as FF6
Comment 19 Swamp Workflow Management 2011-08-19 12:24:35 UTC
Update released for: yasm, yasm-debuginfo, yasm-debugsource, yasm-devel
Products:
openSUSE 11.3 (debug, i586, x86_64)
Comment 20 Swamp Workflow Management 2011-08-23 11:56:30 UTC
Update released for: mozilla-nspr, mozilla-nspr-debuginfo, mozilla-nspr-debugsource, mozilla-nspr-devel
Products:
openSUSE 11.3 (debug, i586, x86_64)
openSUSE 11.4 (debug, i586, x86_64)
Comment 21 Swamp Workflow Management 2011-08-23 11:58:01 UTC
Update released for: libfreebl3, libfreebl3-debuginfo, libsoftokn3, libsoftokn3-debuginfo, mozilla-nss, mozilla-nss-certs, mozilla-nss-certs-debuginfo, mozilla-nss-debuginfo, mozilla-nss-debugsource, mozilla-nss-devel, mozilla-nss-sysinit, mozilla-nss-sysinit-debuginfo, mozilla-nss-tools, mozilla-nss-tools-debuginfo
Products:
openSUSE 11.3 (debug, i586, x86_64)
openSUSE 11.4 (debug, i586, x86_64)
Comment 22 Petr Cerny 2011-08-23 20:03:04 UTC
Sorry for late submission

14399 home:pcerny:SLE-11/mozilla-xulrunner192 -> SUSE:SLE-11:Update:Test
14400 home:pcerny:SLE-11/MozillaFirefox -> SUSE:SLE-11:Update:Test
14401 home:pcerny:SLE-10-SP3/mozilla-xulrunner192 -> SUSE:SLE-10-SP3:Update:Test
14402 home:pcerny:SLE-10-SP3/MozillaFirefox -> SUSE:SLE-10-SP3:Update:Test

(This should also fix Bug 713027)
Comment 23 Marcus Meissner 2011-08-24 14:18:22 UTC
Thunderbird:

Mozilla Foundation Security Advisory 2011-32 (MFSA 2011-32)
http://www.mozilla.org/security/announce/2011/mfsa2011-32.html

Many of the issues listed below are not exploitable through mail since
JavaScript is disabled by default in Thunderbird. These particular
issues may be triggered while viewing RSS feeds and displaying full
remote content rather than the feed summary. Addons that expose browser
functionality may also enable such issues to be exploited.

* Miscellaneous memory safety hazards (rv:1.9.2.20)

  Mozilla developers and community members identified and fixed several 
  memory safety bugs in the browser engine used in Thunderbird 3.1 and
  other Mozilla-based products. Some of these bugs showed evidence of
  memory corruption under certain circumstances, and we presume that
  with enough effort at least some of these could be exploited to run
  arbitrary code.
  
  Gary Kwong, Igor Bukanov, Nils and Bob Clary reported memory safety 
  issues which affected Thunderbird 3.1. (CVE-2011-2982)

* Crash in SVGTextElement.getCharNumAtPosition()

  Security researcher regenrecht reported via TippingPoint's Zero Day 
  Initiative that a SVG text manipulation routine contained a dangling
  pointer vulnerability. (CVE-2011-0084)

* Privilege escalation using event handlers

  Mozilla security researcher moz_bug_r_a_4 reported a vulnerability in 
  event management code that would permit JavaScript to be run in the
  wrong context, including that of a different website or potentially
  in a chrome-privileged context. (CVE-2011-2981)

* Dangling pointer vulnerability in appendChild

  Security researcher regenrecht reported via TippingPoint's Zero Day 
  Initiative that appendChild did not correctly account for DOM objects it
  operated upon and could be exploited to dereference an invalid pointer.
  (CVE-2011-2378)

* Privilege escalation dropping a tab element in content area

  Mozilla security researcher moz_bug_r_a4 reported that web content 
  could receive chrome privileges if it registered for drop events and
  a browser tab element was dropped into the content area. (CVE-2011-2984)

* Binary planting vulnerability in ThinkPadSensor::Startup

  Security researcher Mitja Kolsek of Acros Security reported that 
  ThinkPadSensor::Startup could potentially be exploited to load a
  malicious DLL into the running process. (CVE-2011-2980)

* Private data leakage using RegExp.input

  Security researcher shutdown reported that data from other domains
  could be read when RegExp.input was set. (CVE-2011-2983)
Comment 24 Swamp Workflow Management 2011-08-26 14:25:52 UTC
Update released for: MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-debugsource, MozillaFirefox-devel, MozillaFirefox-translations-common, MozillaFirefox-translations-other, mozilla-js192, mozilla-js192-debuginfo, mozilla-xulrunner192, mozilla-xulrunner192-buildsymbols, mozilla-xulrunner192-debuginfo, mozilla-xulrunner192-debugsource, mozilla-xulrunner192-devel, mozilla-xulrunner192-devel-debuginfo, mozilla-xulrunner192-gnome, mozilla-xulrunner192-gnome-debuginfo, mozilla-xulrunner192-translations-common, mozilla-xulrunner192-translations-other
Products:
openSUSE 11.3 (debug, i586, x86_64)
Comment 25 Swamp Workflow Management 2011-08-26 14:31:31 UTC
Update released for: seamonkey, seamonkey-debuginfo, seamonkey-debugsource, seamonkey-dom-inspector, seamonkey-irc, seamonkey-translations-common, seamonkey-translations-other, seamonkey-venkman
Products:
openSUSE 11.3 (debug, i586, x86_64)
openSUSE 11.4 (debug, i586, x86_64)
Comment 26 Swamp Workflow Management 2011-08-29 09:21:32 UTC
Update released for: mozilla-js192, mozilla-js192-debuginfo, mozilla-xulrunner192, mozilla-xulrunner192-buildsymbols, mozilla-xulrunner192-debuginfo, mozilla-xulrunner192-debugsource, mozilla-xulrunner192-devel, mozilla-xulrunner192-devel-debuginfo, mozilla-xulrunner192-gnome, mozilla-xulrunner192-gnome-debuginfo, mozilla-xulrunner192-translations-common, mozilla-xulrunner192-translations-other
Products:
openSUSE 11.4 (debug, i586, x86_64)
Comment 27 Swamp Workflow Management 2011-08-29 09:24:57 UTC
Update released for: MozillaThunderbird, MozillaThunderbird-buildsymbols, MozillaThunderbird-debuginfo, MozillaThunderbird-debugsource, MozillaThunderbird-devel, MozillaThunderbird-devel-debuginfo, MozillaThunderbird-translations-common, MozillaThunderbird-translations-other, enigmail, enigmail-debuginfo
Products:
openSUSE 11.3 (debug, i586, x86_64)
openSUSE 11.4 (debug, i586, x86_64)
Comment 28 Swamp Workflow Management 2011-08-29 11:40:08 UTC
Update released for: MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-buildsymbols, MozillaFirefox-debuginfo, MozillaFirefox-debugsource, MozillaFirefox-devel, MozillaFirefox-translations-common, MozillaFirefox-translations-other
Products:
openSUSE 11.4 (debug, i586, x86_64)
Comment 29 Marcus Meissner 2011-08-29 12:04:09 UTC
released all I guess.
Comment 30 Swamp Workflow Management 2011-08-29 12:29:07 UTC
Update released for: MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-translations, mozilla-xulrunner192, mozilla-xulrunner192-32bit, mozilla-xulrunner192-64bit, mozilla-xulrunner192-debuginfo, mozilla-xulrunner192-devel, mozilla-xulrunner192-gnome, mozilla-xulrunner192-gnome-32bit, mozilla-xulrunner192-gnome-64bit, mozilla-xulrunner192-gnome-x86, mozilla-xulrunner192-translations, mozilla-xulrunner192-translations-32bit, mozilla-xulrunner192-translations-64bit, mozilla-xulrunner192-translations-x86, mozilla-xulrunner192-x86
Products:
SLE-DEBUGINFO 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-DESKTOP 10-SP4 (i386, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)
Comment 31 Swamp Workflow Management 2011-08-29 13:02:31 UTC
Update released for: MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-debugsource, MozillaFirefox-translations, mozilla-xulrunner192, mozilla-xulrunner192-32bit, mozilla-xulrunner192-debuginfo, mozilla-xulrunner192-debuginfo-32bit, mozilla-xulrunner192-debuginfo-x86, mozilla-xulrunner192-debugsource, mozilla-xulrunner192-devel, mozilla-xulrunner192-gnome, mozilla-xulrunner192-gnome-32bit, mozilla-xulrunner192-gnome-x86, mozilla-xulrunner192-translations, mozilla-xulrunner192-translations-32bit, mozilla-xulrunner192-translations-x86, mozilla-xulrunner192-x86
Products:
SLE-DEBUGINFO 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP1 (i386, x86_64)
SLE-SDK 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1-TERADATA (x86_64)
SLES4VMWARE 11-SP1 (i386, x86_64)
Comment 32 Swamp Workflow Management 2011-08-29 15:19:00 UTC
Update released for: MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-translations, mozilla-xulrunner192, mozilla-xulrunner192-32bit, mozilla-xulrunner192-64bit, mozilla-xulrunner192-debuginfo, mozilla-xulrunner192-devel, mozilla-xulrunner192-gnome, mozilla-xulrunner192-gnome-32bit, mozilla-xulrunner192-gnome-64bit, mozilla-xulrunner192-gnome-x86, mozilla-xulrunner192-translations, mozilla-xulrunner192-translations-32bit, mozilla-xulrunner192-translations-64bit, mozilla-xulrunner192-translations-x86, mozilla-xulrunner192-x86
Products:
SLE-DEBUGINFO 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SAP-APL 10-SP3 (x86_64)
SLE-SDK 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP3-TERADATA (x86_64)
Comment 33 Jason Craig 2011-08-29 17:54:56 UTC
Should there be an update to MozillaFirefox-branding-openSUSE?  After I installed the Firefox update in 11.4, Firefox complained that "openSUSE Firefox Extensions" was incompatible with 6.0 and disabled it.
Comment 34 Wolfgang Rosenauer 2011-08-29 18:04:49 UTC
That extension is not very important and we got reports that it may cause a bug with tab groups in Firefox 6 and above.
Therefore we decided not to wait for investigation of that issue before releasing Firefox.
Comment 35 Swamp Workflow Management 2012-04-27 13:08:25 UTC
openSUSE-SU-2012:0567-1: An update that fixes 38 vulnerabilities is now available.

Category: security (moderate)
Bug References: 712224,714931,720264,726758,728520,732898,733002,744275,746616,747328,749440,750044,755060,758408
CVE References: CVE-2011-1187,CVE-2011-2985,CVE-2011-2986,CVE-2011-2987,CVE-2011-2988,CVE-2011-2989,CVE-2011-2991,CVE-2011-2992,CVE-2011-3005,CVE-2011-3062,CVE-2011-3232,CVE-2011-3651,CVE-2011-3652,CVE-2011-3654,CVE-2011-3655,CVE-2011-3658,CVE-2011-3660,CVE-2011-3661,CVE-2011-3663,CVE-2012-0445,CVE-2012-0446,CVE-2012-0447,CVE-2012-0451,CVE-2012-0452,CVE-2012-0459,CVE-2012-0460,CVE-2012-0467,CVE-2012-0468,CVE-2012-0469,CVE-2012-0470,CVE-2012-0471,CVE-2012-0472,CVE-2012-0473,CVE-2012-0474,CVE-2012-0475,CVE-2012-0477,CVE-2012-0478,CVE-2012-0479
Sources used:
openSUSE 12.1 (src):    MozillaFirefox-12.0-2.26.1, MozillaThunderbird-12.0-33.20.1, seamonkey-2.9-2.18.1, xulrunner-12.0-2.26.1
openSUSE 11.4 (src):    MozillaFirefox-12.0-18.1, MozillaThunderbird-12.0-18.1, seamonkey-2.9-18.1
Comment 36 Swamp Workflow Management 2014-09-09 16:14:28 UTC
openSUSE-SU-2014:1100-1: An update that fixes 475 vulnerabilities is now available.

Category: security (important)
Bug References: 104586,354469,385739,390992,417869,41903,429179,439841,441084,455804,484321,503151,518603,527418,528406,529180,542809,559819,576969,582276,586567,593807,603356,622506,637303,642502,645315,649492,657016,664211,667155,689281,701296,712224,714931,720264,726758,728520,732898,733002,737533,744275,746616,747328,749440,750044,755060,758408,765204,771583,777588,783533,786522,790140,796895,804248,808243,813026,819204,825935,833389,840485,847708,854370,861847,868603,875378,876833,881874,887746,894201,894370
CVE References: CVE-2007-3089,CVE-2007-3285,CVE-2007-3656,CVE-2007-3670,CVE-2007-3734,CVE-2007-3735,CVE-2007-3736,CVE-2007-3737,CVE-2007-3738,CVE-2008-0016,CVE-2008-1233,CVE-2008-1234,CVE-2008-1235,CVE-2008-1236,CVE-2008-1237,CVE-2008-3835,CVE-2008-4058,CVE-2008-4059,CVE-2008-4060,CVE-2008-4061,CVE-2008-4062,CVE-2008-4063,CVE-2008-4064,CVE-2008-4065,CVE-2008-4066,CVE-2008-4067,CVE-2008-4068,CVE-2008-4070,CVE-2008-5012,CVE-2008-5014,CVE-2008-5016,CVE-2008-5017,CVE-2008-5018,CVE-2008-5021,CVE-2008-5022,CVE-2008-5024,CVE-2008-5500,CVE-2008-5501,CVE-2008-5502,CVE-2008-5503,CVE-2008-5506,CVE-2008-5507,CVE-2008-5508,CVE-2008-5510,CVE-2008-5511,CVE-2008-5512,CVE-2009-0040,CVE-2009-0771,CVE-2009-0772,CVE-2009-0773,CVE-2009-0774,CVE-2009-0776,CVE-2009-1571,CVE-2009-3555,CVE-2010-0159,CVE-2010-0173,CVE-2010-0174,CVE-2010-0175,CVE-2010-0176,CVE-2010-0182,CVE-2010-0654,CVE-2010-1121,CVE-2010-1196,CVE-2010-1199,CVE-2010-1200,CVE-2010-1201,CVE-2010-1202,CVE-2010-1203,CVE-2010-1205,CVE-2010-1211,CVE-2010-1212,CVE-2010-1213,CVE-2010-1585,CVE-2010-2752,CVE-2010-2753,CVE-2010-2754,CVE-2010-2760,CVE-2010-2762,CVE-2010-2764,CVE-2010-2765,CVE-2010-2766,CVE-2010-2767,CVE-2010-2768,CVE-2010-2769,CVE-2010-3166,CVE-2010-3167,CVE-2010-3168,CVE-2010-3169,CVE-2010-3170,CVE-2010-3173,CVE-2010-3174,CVE-2010-3175,CVE-2010-3176,CVE-2010-3178,CVE-2010-3179,CVE-2010-3180,CVE-2010-3182,CVE-2010-3183,CVE-2010-3765,CVE-2010-3768,CVE-2010-3769,CVE-2010-3776,CVE-2010-3777,CVE-2010-3778,CVE-2011-0053,CVE-2011-0061,CVE-2011-0062,CVE-2011-0069,CVE-2011-0070,CVE-2011-0072,CVE-2011-0074,CVE-2011-0075,CVE-2011-0077,CVE-2011-0078,CVE-2011-0080,CVE-2011-0081,CVE-2011-0083,CVE-2011-0084,CVE-2011-0085,CVE-2011-1187,CVE-2011-2362,CVE-2011-2363,CVE-2011-2364,CVE-2011-2365,CVE-2011-2371,CVE-2011-2372,CVE-2011-2373,CVE-2011-2374,CVE-2011-2376,CVE-2011-2377,CVE-2011-2985,CVE-2011-2986,CVE-2011-2987,CVE-2011-2988,CVE-2011-2989,CVE-2011-2991,CVE-2011-2992,CVE-2011-3000,CVE-2011-3001,CVE-2011-3005,CVE-2011-3026,CVE-2011-3062,CVE-2011-3101,CVE-2011-3232,CVE-2011-3648,CVE-2011-3650,CVE-2011-3651,CVE-2011-3652,CVE-2011-3654,CVE-2011-3655,CVE-2011-3658,CVE-2011-3659,CVE-2011-3660,CVE-2011-3661,CVE-2011-3663,CVE-2012-0441,CVE-2012-0442,CVE-2012-0443,CVE-2012-0444,CVE-2012-0445,CVE-2012-0446,CVE-2012-0447,CVE-2012-0449,CVE-2012-0451,CVE-2012-0452,CVE-2012-0455,CVE-2012-0456,CVE-2012-0457,CVE-2012-0458,CVE-2012-0459,CVE-2012-0460,CVE-2012-0461,CVE-2012-0462,CVE-2012-0463,CVE-2012-0464,CVE-2012-0467,CVE-2012-0468,CVE-2012-0469,CVE-2012-0470,CVE-2012-0471,CVE-2012-0472,CVE-2012-0473,CVE-2012-0474,CVE-2012-0475,CVE-2012-0477,CVE-2012-0478,CVE-2012-0479,CVE-2012-0759,CVE-2012-1937,CVE-2012-1938,CVE-2012-1940,CVE-2012-1941,CVE-2012-1944,CVE-2012-1945,CVE-2012-1946,CVE-2012-1947,CVE-2012-1948,CVE-2012-1949,CVE-2012-1951,CVE-2012-1952,CVE-2012-1953,CVE-2012-1954,CVE-2012-1955,CVE-2012-1956,CVE-2012-1957,CVE-2012-1958,CVE-2012-1959,CVE-2012-1960,CVE-2012-1961,CVE-2012-1962,CVE-2012-1963,CVE-2012-1967,CVE-2012-1970,CVE-2012-1972,CVE-2012-1973,CVE-2012-1974,CVE-2012-1975,CVE-2012-1976,CVE-2012-3956,CVE-2012-3957,CVE-2012-3958,CVE-2012-3959,CVE-2012-3960,CVE-2012-3961,CVE-2012-3962,CVE-2012-3963,CVE-2012-3964,CVE-2012-3966,CVE-2012-3967,CVE-2012-3968,CVE-2012-3969,CVE-2012-3970,CVE-2012-3971,CVE-2012-3972,CVE-2012-3975,CVE-2012-3978,CVE-2012-3980,CVE-2012-3982,CVE-2012-3983,CVE-2012-3984,CVE-2012-3985,CVE-2012-3986,CVE-2012-3988,CVE-2012-3989,CVE-2012-3990,CVE-2012-3991,CVE-2012-3992,CVE-2012-3993,CVE-2012-3994,CVE-2012-3995,CVE-2012-4179,CVE-2012-4180,CVE-2012-4181,CVE-2012-4182,CVE-2012-4183,CVE-2012-4184,CVE-2012-4185,CVE-2012-4186,CVE-2012-4187,CVE-2012-4188,CVE-2012-4191,CVE-2012-4192,CVE-2012-4193,CVE-2012-4194,CVE-2012-4195,CVE-2012-4196,CVE-2012-4201,CVE-2012-4202,CVE-2012-4204,CVE-2012-4205,CVE-2012-4207,CVE-2012-4208,CVE-2012-4209,CVE-2012-4212,CVE-2012-4213,CVE-2012-4214,CVE-2012-4215,CVE-2012-4216,CVE-2012-4217,CVE-2012-4218,CVE-2012-5829,CVE-2012-5830,CVE-2012-5833,CVE-2012-5835,CVE-2012-5836,CVE-2012-5837,CVE-2012-5838,CVE-2012-5839,CVE-2012-5840,CVE-2012-5841,CVE-2012-5842,CVE-2012-5843,CVE-2013-0743,CVE-2013-0744,CVE-2013-0745,CVE-2013-0746,CVE-2013-0747,CVE-2013-0748,CVE-2013-0749,CVE-2013-0750,CVE-2013-0752,CVE-2013-0753,CVE-2013-0754,CVE-2013-0755,CVE-2013-0756,CVE-2013-0757,CVE-2013-0758,CVE-2013-0760,CVE-2013-0761,CVE-2013-0762,CVE-2013-0763,CVE-2013-0764,CVE-2013-0766,CVE-2013-0767,CVE-2013-0768,CVE-2013-0769,CVE-2013-0770,CVE-2013-0771,CVE-2013-0773,CVE-2013-0774,CVE-2013-0775,CVE-2013-0776,CVE-2013-0780,CVE-2013-0782,CVE-2013-0783,CVE-2013-0787,CVE-2013-0788,CVE-2013-0789,CVE-2013-0793,CVE-2013-0795,CVE-2013-0796,CVE-2013-0800,CVE-2013-0801,CVE-2013-1669,CVE-2013-1670,CVE-2013-1674,CVE-2013-1675,CVE-2013-1676,CVE-2013-1677,CVE-2013-1678,CVE-2013-1679,CVE-2013-1680,CVE-2013-1681,CVE-2013-1682,CVE-2013-1684,CVE-2013-1685,CVE-2013-1686,CVE-2013-1687,CVE-2013-1690,CVE-2013-1692,CVE-2013-1693,CVE-2013-1694,CVE-2013-1697,CVE-2013-1701,CVE-2013-1709,CVE-2013-1710,CVE-2013-1713,CVE-2013-1714,CVE-2013-1717,CVE-2013-1718,CVE-2013-1719,CVE-2013-1720,CVE-2013-1722,CVE-2013-1723,CVE-2013-1724,CVE-2013-1725,CVE-2013-1728,CVE-2013-1730,CVE-2013-1732,CVE-2013-1735,CVE-2013-1736,CVE-2013-1737,CVE-2013-1738,CVE-2013-5590,CVE-2013-5591,CVE-2013-5592,CVE-2013-5593,CVE-2013-5595,CVE-2013-5596,CVE-2013-5597,CVE-2013-5599,CVE-2013-5600,CVE-2013-5601,CVE-2013-5602,CVE-2013-5603,CVE-2013-5604,CVE-2013-5609,CVE-2013-5610,CVE-2013-5611,CVE-2013-5612,CVE-2013-5613,CVE-2013-5614,CVE-2013-5615,CVE-2013-5616,CVE-2013-5618,CVE-2013-5619,CVE-2013-6629,CVE-2013-6630,CVE-2013-6671,CVE-2013-6672,CVE-2013-6673,CVE-2014-1477,CVE-2014-1478,CVE-2014-1479,CVE-2014-1480,CVE-2014-1481,CVE-2014-1482,CVE-2014-1483,CVE-2014-1484,CVE-2014-1485,CVE-2014-1486,CVE-2014-1487,CVE-2014-1488,CVE-2014-1489,CVE-2014-1490,CVE-2014-1491,CVE-2014-1492,CVE-2014-1493,CVE-2014-1494,CVE-2014-1497,CVE-2014-1498,CVE-2014-1499,CVE-2014-1500,CVE-2014-1502,CVE-2014-1504,CVE-2014-1505,CVE-2014-1508,CVE-2014-1509,CVE-2014-1510,CVE-2014-1511,CVE-2014-1512,CVE-2014-1513,CVE-2014-1514,CVE-2014-1518,CVE-2014-1519,CVE-2014-1522,CVE-2014-1523,CVE-2014-1524,CVE-2014-1525,CVE-2014-1526,CVE-2014-1528,CVE-2014-1529,CVE-2014-1530,CVE-2014-1531,CVE-2014-1532,CVE-2014-1533,CVE-2014-1534,CVE-2014-1536,CVE-2014-1537,CVE-2014-1538,CVE-2014-1539,CVE-2014-1540,CVE-2014-1541,CVE-2014-1542,CVE-2014-1543,CVE-2014-1544,CVE-2014-1545,CVE-2014-1547,CVE-2014-1548,CVE-2014-1549,CVE-2014-1550,CVE-2014-1552,CVE-2014-1553,CVE-2014-1555,CVE-2014-1556,CVE-2014-1557,CVE-2014-1558,CVE-2014-1559,CVE-2014-1560,CVE-2014-1561,CVE-2014-1562,CVE-2014-1563,CVE-2014-1564,CVE-2014-1565,CVE-2014-1567
Sources used:
openSUSE 11.4 (src):    MozillaFirefox-24.8.0-127.1, mozilla-nss-3.16.4-94.1