Bug 943608 - VUL-0: MozillaFirefox 40.0.3/38.2.1 ESR security release
VUL-0: MozillaFirefox 40.0.3/38.2.1 ESR security release
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
All All
: P5 - None : Critical
: ---
Assigned To: Security Team bot
Security Team bot
maint:running:62284:important maint:r...
Depends on: CVE-2015-4497 CVE-2015-4498
  Show dependency treegraph
Reported: 2015-08-28 10:44 UTC by Petr Cerny
Modified: 2015-11-23 21:11 UTC (History)
6 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Petr Cerny 2015-08-28 10:44:35 UTC
Firefox/XULRunner 40.0.3
Firefox/XULRunner 38.2.1 ESR

Seamonkey still stuck at 2.33.1 - use at your own risk!
Comment 1 Swamp Workflow Management 2015-08-28 14:37:02 UTC
An update workflow for this issue was started.
This issue was rated as critical.
Please submit fixed packages until 2015-09-01.
When done, reassign the bug to security-team@suse.de.
Comment 3 Marcus Meissner 2015-08-31 06:53:07 UTC
i accepted 11-sp3 into :1004

11-sp1 i misconfigurted and had to decline, can you resubmit?
Comment 5 Swamp Workflow Management 2015-09-02 10:10:52 UTC
SUSE-SU-2015:1476-1: An update that fixes 16 vulnerabilities is now available.

Category: security (important)
Bug References: 940806,943557,943558,943608
CVE References: CVE-2015-4473,CVE-2015-4474,CVE-2015-4475,CVE-2015-4478,CVE-2015-4479,CVE-2015-4484,CVE-2015-4485,CVE-2015-4486,CVE-2015-4487,CVE-2015-4488,CVE-2015-4489,CVE-2015-4491,CVE-2015-4492,CVE-2015-4495,CVE-2015-4497,CVE-2015-4498
Sources used:
SUSE Linux Enterprise Software Development Kit 12 (src):    MozillaFirefox-38.2.1esr-45.1, mozilla-nss-
SUSE Linux Enterprise Server 12 (src):    MozillaFirefox-38.2.1esr-45.1, MozillaFirefox-branding-SLE-31.0-14.1, mozilla-nss-
SUSE Linux Enterprise Desktop 12 (src):    MozillaFirefox-38.2.1esr-45.1, MozillaFirefox-branding-SLE-31.0-14.1, mozilla-nss-
Comment 7 Swamp Workflow Management 2015-09-07 12:10:16 UTC
SUSE-SU-2015:1504-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 943557,943558,943608
CVE References: CVE-2015-4497,CVE-2015-4498
Sources used:
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    MozillaFirefox-38.2.1esr-17.1
SUSE Linux Enterprise Server 11-SP1-LTSS (src):    MozillaFirefox-38.2.1esr-17.1
SUSE Linux Enterprise Debuginfo 11-SP2 (src):    MozillaFirefox-38.2.1esr-17.1
SUSE Linux Enterprise Debuginfo 11-SP1 (src):    MozillaFirefox-38.2.1esr-17.1
Comment 8 Marcus Meissner 2015-09-10 15:14:50 UTC
Comment 9 Swamp Workflow Management 2015-11-23 21:11:14 UTC
SUSE-SU-2015:2081-1: An update that fixes 43 vulnerabilities is now available.

Category: security (important)
Bug References: 908275,940806,943557,943558,943608,947003,952810
CVE References: CVE-2015-4473,CVE-2015-4474,CVE-2015-4475,CVE-2015-4478,CVE-2015-4479,CVE-2015-4484,CVE-2015-4485,CVE-2015-4486,CVE-2015-4487,CVE-2015-4488,CVE-2015-4489,CVE-2015-4491,CVE-2015-4492,CVE-2015-4497,CVE-2015-4498,CVE-2015-4500,CVE-2015-4501,CVE-2015-4506,CVE-2015-4509,CVE-2015-4511,CVE-2015-4513,CVE-2015-4517,CVE-2015-4519,CVE-2015-4520,CVE-2015-4521,CVE-2015-4522,CVE-2015-7174,CVE-2015-7175,CVE-2015-7176,CVE-2015-7177,CVE-2015-7180,CVE-2015-7181,CVE-2015-7182,CVE-2015-7183,CVE-2015-7188,CVE-2015-7189,CVE-2015-7193,CVE-2015-7194,CVE-2015-7196,CVE-2015-7197,CVE-2015-7198,CVE-2015-7199,CVE-2015-7200
Sources used:
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    MozillaFirefox-38.4.0esr-0.7.1, MozillaFirefox-branding-SLED-38-0.5.3, mozilla-nspr-4.10.10-0.5.1, mozilla-nss-