Security update for MozillaFirefox SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:2334-1 Final 1 1 2015-12-21T16:21:29Z current 2015-12-21T16:21:29Z 2015-12-21T16:21:29Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for MozillaFirefox MozillaFirefox was updated to version 38.5.0 esr to fix the following issues: Following security issues were fixed: * MFSA 2015-134/CVE-2015-7201/CVE-2015-7202 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5) * MFSA 2015-138/CVE-2015-7210 Use-after-free in WebRTC when datachannel is used after being destroyed * MFSA 2015-139/CVE-2015-7212 Integer overflow allocating extremely large textures * MFSA 2015-145/CVE-2015-7205 Underflow through code inspection * MFSA 2015-146/CVE-2015-7213 Integer overflow in MP4 playback in 64-bit versions * MFSA 2015-147/CVE-2015-7222 Integer underflow and buffer overflow processing MP4 metadata in libstagefright * MFSA 2015-149/CVE-2015-7214 Cross-site reading attack through data and view-source URIs The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp3-MozillaFirefox-12276,sdksp4-MozillaFirefox-12276,sledsp3-MozillaFirefox-12276,sledsp4-MozillaFirefox-12276,slessp3-MozillaFirefox-12276,slessp4-MozillaFirefox-12276 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20152334-1/ Link for SUSE-SU-2015:2334-1 https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00021.html E-Mail link for SUSE-SU-2015:2334-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/959277 SUSE Bug 959277 https://www.suse.com/security/cve/CVE-2015-7201/ SUSE CVE CVE-2015-7201 page https://www.suse.com/security/cve/CVE-2015-7202/ SUSE CVE CVE-2015-7202 page https://www.suse.com/security/cve/CVE-2015-7205/ SUSE CVE CVE-2015-7205 page https://www.suse.com/security/cve/CVE-2015-7210/ SUSE CVE CVE-2015-7210 page https://www.suse.com/security/cve/CVE-2015-7212/ SUSE CVE CVE-2015-7212 page https://www.suse.com/security/cve/CVE-2015-7213/ SUSE CVE CVE-2015-7213 page https://www.suse.com/security/cve/CVE-2015-7214/ SUSE CVE CVE-2015-7214 page https://www.suse.com/security/cve/CVE-2015-7222/ SUSE CVE CVE-2015-7222 page SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 MozillaFirefox-devel-38.5.0esr-28.2 MozillaFirefox-38.5.0esr-28.2 MozillaFirefox-translations-38.5.0esr-28.2 MozillaFirefox-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Desktop 11 SP3 MozillaFirefox-translations-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Desktop 11 SP3 MozillaFirefox-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Desktop 11 SP4 MozillaFirefox-translations-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Desktop 11 SP4 MozillaFirefox-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Server 11 SP3 MozillaFirefox-translations-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Server 11 SP3 MozillaFirefox-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA MozillaFirefox-translations-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA MozillaFirefox-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Server 11 SP4 MozillaFirefox-translations-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Server 11 SP4 MozillaFirefox-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 MozillaFirefox-translations-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 MozillaFirefox-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 MozillaFirefox-translations-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 MozillaFirefox-devel-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 MozillaFirefox-devel-38.5.0esr-28.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. CVE-2015-7201 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP3:MozillaFirefox-devel-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-38.5.0esr-28.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152334-1/ https://www.suse.com/security/cve/CVE-2015-7201.html CVE-2015-7201 https://bugzilla.suse.com/959277 SUSE Bug 959277 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. CVE-2015-7202 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP3:MozillaFirefox-devel-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-38.5.0esr-28.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152334-1/ https://www.suse.com/security/cve/CVE-2015-7202.html CVE-2015-7202 https://bugzilla.suse.com/959277 SUSE Bug 959277 Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet. CVE-2015-7205 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP3:MozillaFirefox-devel-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-38.5.0esr-28.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152334-1/ https://www.suse.com/security/cve/CVE-2015-7205.html CVE-2015-7205 https://bugzilla.suse.com/959277 SUSE Bug 959277 Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function. CVE-2015-7210 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP3:MozillaFirefox-devel-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-38.5.0esr-28.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152334-1/ https://www.suse.com/security/cve/CVE-2015-7210.html CVE-2015-7210 https://bugzilla.suse.com/959277 SUSE Bug 959277 Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation. CVE-2015-7212 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP3:MozillaFirefox-devel-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-38.5.0esr-28.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152334-1/ https://www.suse.com/security/cve/CVE-2015-7212.html CVE-2015-7212 https://bugzilla.suse.com/959277 SUSE Bug 959277 Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow. CVE-2015-7213 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP3:MozillaFirefox-devel-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-38.5.0esr-28.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152334-1/ https://www.suse.com/security/cve/CVE-2015-7213.html CVE-2015-7213 https://bugzilla.suse.com/959277 SUSE Bug 959277 Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs. CVE-2015-7214 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP3:MozillaFirefox-devel-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-38.5.0esr-28.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152334-1/ https://www.suse.com/security/cve/CVE-2015-7214.html CVE-2015-7214 https://bugzilla.suse.com/959277 SUSE Bug 959277 Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow. CVE-2015-7222 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-38.5.0esr-28.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP3:MozillaFirefox-devel-38.5.0esr-28.2 SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-38.5.0esr-28.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20152334-1/ https://www.suse.com/security/cve/CVE-2015-7222.html CVE-2015-7222 https://bugzilla.suse.com/959277 SUSE Bug 959277