SUSE-SU-2012:0298-1

Security update for Mozilla XULrunner

SUSE Security Update: Security update for Mozilla XULrunner
Announcement ID: SUSE-SU-2012:0298-1
Rating: important
References: #747328
Affected Products:
  • SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2
  • SUSE Linux Enterprise Software Development Kit 11 SP1
  • SUSE Linux Enterprise Server 11 SP1 for VMware
  • SUSE Linux Enterprise Server 11 SP1 FOR SP2
  • SUSE Linux Enterprise Server 11 SP1
  • SUSE Linux Enterprise Server 10 SP4
  • SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
  • SUSE Linux Enterprise Desktop 11 SP1
  • SUSE Linux Enterprise Desktop 10 SP4
  • SLE SDK 10 SP4
    		•

    An update that fixes one vulnerability is now available. It includes two new package versions.

    Description:


    Mozilla XULRunner was updated to 1.9.2.27 to fix a security
    issue with the embedded libpng, where a integer overflow
    could allow remote attackers to crash the browser or
    potentially execute code (CVE-2011-3026),

    Security Issue reference:

    * CVE-2011-3026
    >

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2:
      zypper in -t patch sdksp1fsp2-mozilla-xulrunner192-5840
    • SUSE Linux Enterprise Software Development Kit 11 SP1:
      zypper in -t patch sdksp1-mozilla-xulrunner192-5840
    • SUSE Linux Enterprise Server 11 SP1 for VMware:
      zypper in -t patch slessp1-mozilla-xulrunner192-5840
    • SUSE Linux Enterprise Server 11 SP1 FOR SP2:
      zypper in -t patch slessp1fsp2-mozilla-xulrunner192-5840
    • SUSE Linux Enterprise Server 11 SP1:
      zypper in -t patch slessp1-mozilla-xulrunner192-5840
    • SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
      zypper in -t patch sledsp1fsp2-mozilla-xulrunner192-5840
    • SUSE Linux Enterprise Desktop 11 SP1:
      zypper in -t patch sledsp1-mozilla-xulrunner192-5840

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-devel-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (ppc64 s390x x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-32bit-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (ia64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-gnome-x86-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-x86-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-devel-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-32bit-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Software Development Kit 11 SP1 (ia64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-gnome-x86-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-x86-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-1.9.2.27-0.2.1
    • mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Server 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-1.9.2.27-0.2.1
    • mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Server 11 SP1 FOR SP2 (ppc64 s390x x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Server 11 SP1 FOR SP2 (ia64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-x86-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-1.9.2.27-0.2.1
    • mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-x86-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-1.9.2.27-0.5.6
    • mozilla-xulrunner192-gnome-1.9.2.27-0.5.6
    • mozilla-xulrunner192-translations-1.9.2.27-0.5.6
    • SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 3.6.27]:
    • MozillaFirefox-3.6.27-0.5.4
    • MozillaFirefox-translations-3.6.27-0.5.4
    • SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-32bit-1.9.2.27-0.5.6
    • mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.5.6
    • mozilla-xulrunner192-translations-32bit-1.9.2.27-0.5.6
    • SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-1.9.2.27-0.2.1
    • mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
    • mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-32bit-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-1.9.2.27-0.2.1
    • mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
    • mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.2.1
    • mozilla-xulrunner192-translations-32bit-1.9.2.27-0.2.1
    • SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-1.9.2.27-0.5.6
    • mozilla-xulrunner192-gnome-1.9.2.27-0.5.6
    • mozilla-xulrunner192-translations-1.9.2.27-0.5.6
    • SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 1.9.2.27]:
    • mozilla-xulrunner192-32bit-1.9.2.27-0.5.6
    • mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.5.6
    • mozilla-xulrunner192-translations-32bit-1.9.2.27-0.5.6
    • SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 3.6.27]:
    • MozillaFirefox-3.6.27-0.5.4
    • MozillaFirefox-translations-3.6.27-0.5.4
    • SLE SDK 10 SP4 (i586 ia64 ppc s390x):
    • MozillaFirefox-branding-upstream-3.6.27-0.5.4

    References:

    • http://support.novell.com/security/cve/CVE-2011-3026.html
    • https://bugzilla.novell.com/747328
    • http://download.suse.com/patch/finder/?keywords=2c23debb2e4e3a09d318252e02175814
    • http://download.suse.com/patch/finder/?keywords=4513d87a4d6a69221d7fe51d3c22ad66
    Back

    IT Modernization


    SAP Solutions


    AI and Analytics


    Hybrid Cloud Solutions


    Nonstop IT


    Exit Federal Government

    Back

    Business-Critical Linux

    Enterprise Container Management

    Edge

    All Products
    Back

    Solutions

    Hybrid Cloud IT
    Business-critical Linux

    Run & secure cloud and on-prem workloads
    Run SAP
    Run SAP

    Deliver mission-critical SAP solutions
    Enterprise Container Management
    Enterprise Container Management

    Orchestrate cloud-native apps
    IT Operations at the Edge
    Edge

    Deploy intelligent devices to the edge
    Public Cloud
    SUSE for Public Cloud

    Accelerate innovation across your clouds
    Security
    Security

    Secure your digital enterprise

    Industries

    Back

    Support

    Product Support
    Premium Support Services

    Dedicated support services from a premium team


    Long Term Service Support

    Stay on your existing product version


    SUSE Liberty Linux

    Mixed Linux Environment Support


    Renew Your Support Subscription

    Services

    Consulting Services
    Training & Certification
    Premium Technical Advisory Services

    Resources

    SUSE Support User Guide
    Patches & Updates
    Product Documentation
    Knowledgebase
    SUSE Customer Center
    Product Support Life Cycle
    Licensing
    Package Hub

    Community packages for SUSE Linux Enterprise Server


    Driver Search
    Support Forums
    Developer Services
    Beta Program
    Security
    Back

    Partners

    Partner Program


    Find a Partner


    Become a Partner


    Login to the SUSE Partner Portal

    Back

    Communities

    Community

    Blog


    Forum


    Academic


    Open Source Projects


    openSUSE.org



    SUSE Israel


    SUSE Polska

    Back

    About

    About Us


    Leadership


    Careers


    Newsroom


    Success Stories


    Investor Relations


    Social Impact


    SUSE Logo and Brand


    Events & Webinars


    Merchandise Store


    Communications Preferences

    2020-03-20