---------------------------------------------------------------------- Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list? Click here to learn more: http://secunia.com/advisories/business_solutions/ ---------------------------------------------------------------------- TITLE: SUSE Update for Mozilla Products SECUNIA ADVISORY ID: SA32876 VERIFY ADVISORY: http://secunia.com/advisories/32876/ CRITICAL: Highly critical IMPACT: Security Bypass, Exposure of system information, Exposure of sensitive information, System access WHERE: >From remote OPERATING SYSTEM: openSUSE 10.2 http://secunia.com/advisories/product/13375/ openSUSE 10.3 http://secunia.com/advisories/product/16124/ openSUSE 11.0 http://secunia.com/advisories/product/19180/ SUSE Linux Enterprise Server 9 http://secunia.com/advisories/product/4118/ SUSE Linux Enterprise Server 10 http://secunia.com/advisories/product/12192/ SOFTWARE: Novell Open Enterprise Server 1.x http://secunia.com/advisories/product/4664/ DESCRIPTION: SUSE has issued an update for MozillaFirefox, MozillaThunderbird, and seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user's system. For more information: SA32693 SA32714 SA32715 SOLUTION: Apply updated packages. x86 Platform: openSUSE 11.0: http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/MozillaFirefox-3.0.4-3.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/MozillaFirefox-translations-3.0.4-3.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/MozillaThunderbird-2.0.0.18-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/MozillaThunderbird-devel-2.0.0.18-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/MozillaThunderbird-translations-2.0.0.18-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/epiphany-2.22.1.1-25.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/epiphany-devel-2.22.1.1-25.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/epiphany-doc-2.22.1.1-25.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/epiphany-extensions-2.22.0-37.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/mozilla-xulrunner181-1.8.1.18-0.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/mozilla-xulrunner181-devel-1.8.1.18-0.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/mozilla-xulrunner181-l10n-1.8.1.18-0.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/mozilla-xulrunner190-1.9.0.4-2.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/mozilla-xulrunner190-devel-1.9.0.4-2.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/mozilla-xulrunner190-gnomevfs-1.9.0.4-2.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/mozilla-xulrunner190-translations-1.9.0.4-2.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/seamonkey-1.1.13-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/seamonkey-dom-inspector-1.1.13-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/seamonkey-irc-1.1.13-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/seamonkey-mail-1.1.13-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/seamonkey-spellchecker-1.1.13-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/seamonkey-venkman-1.1.13-1.1.i586.rpm openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaThunderbird-2.0.0.18-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaThunderbird-translations-2.0.0.18-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/epiphany-2.20.0-8.6.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/epiphany-devel-2.20.0-8.6.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/epiphany-doc-2.20.0-8.6.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/epiphany-extensions-2.20.0-8.6.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/mozilla-xulrunner181-1.8.1.18-0.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/mozilla-xulrunner181-devel-1.8.1.18-0.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/mozilla-xulrunner181-l10n-1.8.1.18-0.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-1.1.13-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-dom-inspector-1.1.13-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-irc-1.1.13-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-mail-1.1.13-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-spellchecker-1.1.13-1.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-venkman-1.1.13-1.1.i586.rpm openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.18-0.1.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.18-0.1.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaThunderbird-1.5.0.14-0.10.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaThunderbird-translations-1.5.0.14-0.10.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/epiphany-2.16.1-35.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/epiphany-devel-2.16.1-35.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/epiphany-doc-2.16.1-35.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/epiphany-extensions-2.16.1-35.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/mozilla-xulrunner181-1.8.1.18-0.1.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/mozilla-xulrunner181-devel-1.8.1.18-0.1.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/mozilla-xulrunner181-l10n-1.8.1.18-0.1.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-1.1.13-1.1.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-dom-inspector-1.1.13-1.1.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-irc-1.1.13-1.1.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-mail-1.1.13-1.1.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-spellchecker-1.1.13-1.1.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-venkman-1.1.13-1.1.i586.rpm openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.18-0.1.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.18-0.1.i586.rpm x86-64 Platform: openSUSE 11.0: http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/mozilla-xulrunner181-32bit-1.8.1.18-0.1.x86_64.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/mozilla-xulrunner190-32bit-1.9.0.4-2.1.x86_64.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/mozilla-xulrunner190-gnomevfs-32bit-1.9.0.4-2.1.x86_64.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/mozilla-xulrunner190-translations-32bit-1.9.0.4-2.1.x86_64.rpm openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/mozilla-xulrunner181-32bit-1.8.1.18-0.1.x86_64.rpm openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/mozilla-xulrunner181-32bit-1.8.1.18-0.1.x86_64.rpm Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/epiphany-2.16.1-35.src.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/epiphany-extensions-2.16.1-35.src.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/mozilla-xulrunner181-1.8.1.18-0.1.src.rpm openSUSE 11.0: http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/MozillaFirefox-3.0.4-3.1.src.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/MozillaThunderbird-2.0.0.18-1.1.src.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/epiphany-2.22.1.1-25.2.src.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/epiphany-extensions-2.22.0-37.2.src.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/mozilla-xulrunner181-1.8.1.18-0.1.src.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/mozilla-xulrunner190-1.9.0.4-2.1.src.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/seamonkey-1.1.13-1.1.src.rpm openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/MozillaFirefox-2.0.0.18-0.1.src.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/MozillaThunderbird-2.0.0.18-1.1.src.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/epiphany-2.20.0-8.6.src.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/epiphany-extensions-2.20.0-8.6.src.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/mozilla-xulrunner181-1.8.1.18-0.1.src.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/seamonkey-1.1.13-1.1.src.rpm openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaFirefox-2.0.0.18-0.1.src.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaThunderbird-1.5.0.14-0.10.src.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/seamonkey-1.1.13-1.1.src.rpm SLE SDK 10 SP1 http://download.novell.com/index.jsp?search=Search&keywords=caf470776d21b68c1e965d43ce532e4c SLE SDK 10 SP2 http://download.novell.com/index.jsp?search=Search&keywords=16382e044e036ef25857e6d46b6ad8c8 Open Enterprise Server http://download.novell.com/index.jsp?search=Search&keywords=55d1889fabf24d9bac066219efec8b53 Novell Linux POS 9 http://download.novell.com/index.jsp?search=Search&keywords=55d1889fabf24d9bac066219efec8b53 SUSE SLES 9 http://download.novell.com/index.jsp?search=Search&keywords=55d1889fabf24d9bac066219efec8b53 Novell Linux Desktop 9 http://download.novell.com/index.jsp?search=Search&keywords=55d1889fabf24d9bac066219efec8b53 http://download.novell.com/index.jsp?search=Search&keywords=43ce1734b8f340b9b8cd0bc5a8718241 SUSE Linux Enterprise Server 10 SP1 http://download.novell.com/index.jsp?search=Search&keywords=caf470776d21b68c1e965d43ce532e4c http://download.novell.com/index.jsp?search=Search&keywords=0df6a557dc5b96d1f3a334a263aa021a SUSE Linux Enterprise Server 10 SP2 http://download.novell.com/index.jsp?search=Search&keywords=813660f3b739e70fcaa9d5ace67a2fa6 http://download.novell.com/index.jsp?search=Search&keywords=16382e044e036ef25857e6d46b6ad8c8 http://download.novell.com/index.jsp?search=Search&keywords=0df6a557dc5b96d1f3a334a263aa021a SUSE Linux Enterprise 10 SP2 DEBUGINFO http://download.novell.com/index.jsp?search=Search&keywords=813660f3b739e70fcaa9d5ace67a2fa6 http://download.novell.com/index.jsp?search=Search&keywords=0df6a557dc5b96d1f3a334a263aa021a SUSE Linux Enterprise Desktop 10 SP1 http://download.novell.com/index.jsp?search=Search&keywords=caf470776d21b68c1e965d43ce532e4c http://download.novell.com/index.jsp?search=Search&keywords=0df6a557dc5b96d1f3a334a263aa021a SUSE Linux Enterprise Desktop 10 SP2 http://download.novell.com/index.jsp?search=Search&keywords=813660f3b739e70fcaa9d5ace67a2fa6 http://download.novell.com/index.jsp?search=Search&keywords=16382e044e036ef25857e6d46b6ad8c8 http://download.novell.com/index.jsp?search=Search&keywords=0df6a557dc5b96d1f3a334a263aa021a ORIGINAL ADVISORY: SUSE-SA:2008:055 http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html OTHER REFERENCES: SA32693: http://secunia.com/advisories/32693/ SA32714: http://secunia.com/advisories/32714/ SA32715: http://secunia.com/advisories/32715/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------