Izdana je revizija preporuke vezane uz programski paket mozilla-nss. Udaljeni napadač je propuste mogao iskoristiti za DoS (eng. Denial of Service) napad, proizvoljno pokretanje programskog koda, čitanje i promjenu podataka te dobivanje većih privilegija u sustavu.
Sigurnosne ranjivosti su posljedica preljeva međuspremnika u komponenti ANGLE (eng. Almost Native Graphics Layer Engine), korupcije memorije u JAR (eng. Java Archive) datotekama, itd.
Posljedica:
Udaljeni napadač ranjivosti može iskoristiti za DoS napad, proizvoljno izvršavanje programskog koda, izmjenu i čitanje podataka te dobivanje većih privilegija u sustavu.
Rješenje:
Rješenje problema sigurnosti je korištenje dostupnih programskih nadogradnji.
openSUSE Security Update: mozilla-nss: Update to 3.12.11
______________________________________________________________________________
Announcement ID: openSUSE-SU-2011:0935-1
Rating: important
References: #712224
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that contains security fixes can now be
installed. It includes one version update.
Description:
The mozilla NSS libraries were updated to 3.12.11 to align
with newer Mozilla seamonkey and Firefox releases.
Interesting changes are:
- blacklisting malicious root certificates
- several bugfixes
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch libfreebl3-5023
- openSUSE 11.3:
zypper in -t patch libfreebl3-5023
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64) [New Version: 3.12.11]:
libfreebl3-3.12.11-1.3.1
libsoftokn3-3.12.11-1.3.1
mozilla-nss-3.12.11-1.3.1
mozilla-nss-certs-3.12.11-1.3.1
mozilla-nss-devel-3.12.11-1.3.1
mozilla-nss-sysinit-3.12.11-1.3.1
mozilla-nss-tools-3.12.11-1.3.1
- openSUSE 11.4 (x86_64) [New Version: 3.12.11]:
libfreebl3-32bit-3.12.11-1.3.1
libsoftokn3-32bit-3.12.11-1.3.1
mozilla-nss-32bit-3.12.11-1.3.1
mozilla-nss-certs-32bit-3.12.11-1.3.1
mozilla-nss-sysinit-32bit-3.12.11-1.3.1
- openSUSE 11.3 (i586 x86_64) [New Version: 3.12.11]:
libfreebl3-3.12.11-1.2.1
libsoftokn3-3.12.11-1.2.1
mozilla-nss-3.12.11-1.2.1
mozilla-nss-certs-3.12.11-1.2.1
mozilla-nss-devel-3.12.11-1.2.1
mozilla-nss-sysinit-3.12.11-1.2.1
mozilla-nss-tools-3.12.11-1.2.1
- openSUSE 11.3 (x86_64) [New Version: 3.12.11]:
libfreebl3-32bit-3.12.11-1.2.1
libsoftokn3-32bit-3.12.11-1.2.1
mozilla-nss-32bit-3.12.11-1.2.1
mozilla-nss-certs-32bit-3.12.11-1.2.1
mozilla-nss-sysinit-32bit-3.12.11-1.2.1
References:
https://bugzilla.novell.com/712224
--
To unsubscribe, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
For additional commands, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
Posljednje sigurnosne preporuke