Ubuntu Security Notice 3850-2 - USN-3850-1 fixed several vulnerabilities in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Various other issues were also addressed.
7498b43104d4fb07034d4fa82fae12b25b42d1e94165a25a6a94e278d49e0473Ubuntu Security Notice 3868-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restrictions, or execute arbitrary code.
85233d2f28c9005d6f996d2675c0d1f4b94b69c26083039521f3cc4a116d3f42Ubuntu Security Notice 3850-1 - Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remote attacker could possibly use this issue to perform a replay attack. It was discovered that NSS incorrectly handled certain padding oracles. A remote attacker could possibly use this issue to perform a variant of the Bleichenbacher attack. Various other issues were also addressed.
33dfd212dff4b39a5b8a3ffb081d43f4f2201ce71c47312b15edcf37961cf627Gentoo Linux Security Advisory 201811-13 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. Versions less than 60.3.0 are affected.
dfd702cee32bc438649bed899c42ec0c300d02359e8e2217025dfe8241b5cd45Debian Linux Security Advisory 4337-1 - safety errors may lead to the execution of arbitrary code or denial of service.
56f49906d85fb598d72fe1dc02adfdda82ac9c2203999f47baa5ef2b0ca4cdc2Red Hat Security Advisory 2018-3531-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.3.0. Issues addressed include an integer overflow vulnerability.
8c15fea412bc4b4a2e9f6cbca2957d6a314483c55100b21551aaed960fd825edRed Hat Security Advisory 2018-3532-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.3.0. Issues addressed include an integer overflow.
7ddabe0c631f025e5f76c79adbf664f42dddd68dbde947f177178f29cfde288dGentoo Linux Security Advisory 201811-4 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 60.3.0 are affected.
8aa3bc82e407773bfdcd9ad96772bd8c0b936737c4e6cd15abbc811752a70eccRed Hat Security Advisory 2018-3505-01 - Red Hat Ansible Tower 3.3.1 is now available and contains a large amount of security fixes.
5a18fce8ca273b8a62b85b1a2bf4e5b4df4fb5583a3543625bcc53528045ab49Red Hat Security Advisory 2018-3458-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.2.1. Issues addressed include bypass and use-after-free vulnerabilities.
51190964eea84c696b05814f1222a6712caf0740904e1afe2a2b77293feb7fadRed Hat Security Advisory 2018-3403-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.2.1. Issues addressed include bypass and use-after-free vulnerabilities.
bde96bf6d5d37b5efda9d745a300a0fe73ab07d645bea48e64fbffa17ca6b4d2Debian Linux Security Advisory 4327-1 - Multiple memory safety errors and use-after-frees in Thunderbird may lead to the execution of arbitrary code or denial of service.
b8e9888995dd121b5a52e5b325f620018e65bb80ce0d368243634ad49d060edfDebian Linux Security Advisory 4324-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could result in the execution of arbitrary code, privilege escalation or information disclosure.
1482c2a868a3a226457b9a48ae252f72677cae5cfb4f4f174c2f98c16cf35579Red Hat Security Advisory 2018-3005-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.3.0 ESR. Issues addressed include a bypass vulnerability.
cbe0092b4ab4c017536af033dc254c363296b218182c1c9eb5d24dfe63da335eRed Hat Security Advisory 2018-3006-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.3.0 ESR. Issues addressed include a bypass vulnerability.
f0049252ccdb1467288167b83d6220b93438abe9b208d230f5cb0c480f6e3c7eUbuntu Security Notice 3801-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Various other issues were also addressed.
070751dac62d0e36aedbaaf6e004869962630cbbfb0a6e6921710868df00e0daUbuntu Security Notice 3793-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. It was discovered that if a user saved passwords before Thunderbird 58 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. Various other issues were also addressed.
02e62b2bffb86438849c76b75b7f7492d31b01439a58b29eb4c7e7f49d5ddbbcRed Hat Security Advisory 2018-2898-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include an nss problem where ServerHello.random is all zeros when handling a v2-compatible ClientHello.
981d8e1a8cc5e3e3605ca76cb71594d80c3e237ad5f779aa821e8a0f842a8877Red Hat Security Advisory 2018-2884-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.2.2 ESR. Issues addressed include type confusion and out-of-bounds read vulnerabilities.
a503d8f752218d1ebc2a0f3c9de265aac7e02a167b6516ef1f115e1f3369b673Red Hat Security Advisory 2018-2881-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.2.2 ESR. Issues addressed include an out-of-bounds read.
8be099e7a5728383e2bf6b4a48e46f149d1ef5b73774acdf5f44311b39e6b277Debian Linux Security Advisory 4310-1 - Two security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code inside the sandboxed content process.
edbb1cf8b0b9f5831faa87650ee6af1af53f44820683e261ff3597ceb64387f1Ubuntu Security Notice 3778-1 - A crash was discovered in TransportSecurityInfo used for SSL, which could be triggered by data stored in the local cache directory. An attacker could potentially exploit this in combination with another vulnerability that allowed them to write data to the cache, to execute arbitrary code. A type confusion bug was discovered in JavaScript. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
a69ab9fe6502be4b61f6561f6d0e2050616a619735003e0abb30915f7a0370a6Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue.
e409996a93b56a3beccbb769cb31201dc29fd079c498e1cb926597616d9195b0Gentoo Linux Security Advisory 201810-1 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 60.2.2 are affected.
0691ae8021da4956449e6d4f9c1fdd0355496e51bc68aa1daaad0d960ac3e310Red Hat Security Advisory 2018-2835-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.2.1 ESR. Issues addressed include a crash.
80ff187b2df61c699663bb15ce53928b394f62572e3fb2cc571a9a9b5593d95b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed