Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:0584-1 Final 1 1 2016-02-25T15:19:11Z current 2016-02-25T15:19:11Z 2016-02-25T15:19:11Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: Firefox 38.6.1 ESR (bsc#967087) The following vulnerabilities were fixed: - CVE-2016-1523: Fixed denial of service in Graphite 2 library (MFSA 2016-14/bmo#1246093) Firefox 38.6.0 ESR + Mozilla NSS 3.20.2. (bsc#963520) The following vulnerabilities were fixed: - CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632) - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635) - CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731) - CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (bsc#959888) The following improvements were added: - bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites - Tracking protection is now enabled by default The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). slessp2-mozilla-12419 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20160584-1/ Link for SUSE-SU-2016:0584-1 https://lists.suse.com/pipermail/sle-security-updates/2016-February/001894.html E-Mail link for SUSE-SU-2016:0584-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/954447 SUSE Bug 954447 https://bugzilla.suse.com/959888 SUSE Bug 959888 https://bugzilla.suse.com/963520 SUSE Bug 963520 https://bugzilla.suse.com/963632 SUSE Bug 963632 https://bugzilla.suse.com/963635 SUSE Bug 963635 https://bugzilla.suse.com/963731 SUSE Bug 963731 https://bugzilla.suse.com/967087 SUSE Bug 967087 https://www.suse.com/security/cve/CVE-2015-7575/ SUSE CVE CVE-2015-7575 page https://www.suse.com/security/cve/CVE-2016-1523/ SUSE CVE CVE-2016-1523 page https://www.suse.com/security/cve/CVE-2016-1930/ SUSE CVE CVE-2016-1930 page https://www.suse.com/security/cve/CVE-2016-1935/ SUSE CVE CVE-2016-1935 page https://www.suse.com/security/cve/CVE-2016-1938/ SUSE CVE CVE-2016-1938 page SUSE Linux Enterprise Server 11 SP2-LTSS MozillaFirefox-38.6.1esr-33.1 MozillaFirefox-branding-SLED-38-15.58 MozillaFirefox-translations-38.6.1esr-33.1 libfreebl3-3.20.2-17.5 libfreebl3-32bit-3.20.2-17.5 mozilla-nss-3.20.2-17.5 mozilla-nss-32bit-3.20.2-17.5 mozilla-nss-devel-3.20.2-17.5 mozilla-nss-tools-3.20.2-17.5 MozillaFirefox-38.6.1esr-33.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS MozillaFirefox-branding-SLED-38-15.58 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS MozillaFirefox-translations-38.6.1esr-33.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS libfreebl3-3.20.2-17.5 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS libfreebl3-32bit-3.20.2-17.5 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS mozilla-nss-3.20.2-17.5 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS mozilla-nss-32bit-3.20.2-17.5 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS mozilla-nss-devel-3.20.2-17.5 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS mozilla-nss-tools-3.20.2-17.5 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision. CVE-2015-7575 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1 SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160584-1/ https://www.suse.com/security/cve/CVE-2015-7575.html CVE-2015-7575 https://bugzilla.suse.com/959888 SUSE Bug 959888 https://bugzilla.suse.com/960402 SUSE Bug 960402 https://bugzilla.suse.com/960996 SUSE Bug 960996 https://bugzilla.suse.com/961280 SUSE Bug 961280 https://bugzilla.suse.com/961281 SUSE Bug 961281 https://bugzilla.suse.com/961282 SUSE Bug 961282 https://bugzilla.suse.com/961283 SUSE Bug 961283 https://bugzilla.suse.com/961284 SUSE Bug 961284 https://bugzilla.suse.com/961290 SUSE Bug 961290 https://bugzilla.suse.com/961357 SUSE Bug 961357 https://bugzilla.suse.com/962743 SUSE Bug 962743 https://bugzilla.suse.com/963937 SUSE Bug 963937 https://bugzilla.suse.com/967521 SUSE Bug 967521 https://bugzilla.suse.com/981087 SUSE Bug 981087 The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font. CVE-2016-1523 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1 SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160584-1/ https://www.suse.com/security/cve/CVE-2016-1523.html CVE-2016-1523 https://bugzilla.suse.com/965803 SUSE Bug 965803 https://bugzilla.suse.com/965806 SUSE Bug 965806 https://bugzilla.suse.com/965807 SUSE Bug 965807 https://bugzilla.suse.com/965810 SUSE Bug 965810 https://bugzilla.suse.com/967087 SUSE Bug 967087 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. CVE-2016-1930 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1 SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160584-1/ https://www.suse.com/security/cve/CVE-2016-1930.html CVE-2016-1930 https://bugzilla.suse.com/963520 SUSE Bug 963520 https://bugzilla.suse.com/963632 SUSE Bug 963632 Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content. CVE-2016-1935 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1 SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160584-1/ https://www.suse.com/security/cve/CVE-2016-1935.html CVE-2016-1935 https://bugzilla.suse.com/963520 SUSE Bug 963520 https://bugzilla.suse.com/963635 SUSE Bug 963635 The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function. CVE-2016-1938 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-38.6.1esr-33.1 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-branding-SLED-38-15.58 SUSE Linux Enterprise Server 11 SP2-LTSS:MozillaFirefox-translations-38.6.1esr-33.1 SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:libfreebl3-32bit-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-32bit-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-devel-3.20.2-17.5 SUSE Linux Enterprise Server 11 SP2-LTSS:mozilla-nss-tools-3.20.2-17.5 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160584-1/ https://www.suse.com/security/cve/CVE-2016-1938.html CVE-2016-1938 https://bugzilla.suse.com/963731 SUSE Bug 963731