openSUSE Security Update : Mozilla Firefox (openSUSE-2016-2639)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Mozilla Firefox was updated to 49.0.2 to fix two security issues a
some bugs.

The following vulnerabilities were fixed :

- CVE-2016-5287: Crash in nsTArray_base (bsc#1006475)

- CVE-2016-5288: Web content can read cache entries
(bsc#1006476)

The following changes and fixes are included :

- Asynchronous rendering of the Flash plugins is now
enabled by default

- Change D3D9 default fallback preference to prevent
graphical artifacts

- Network issue prevents some users from seeing the
Firefox UI on startup

- Web compatibility issue with file uploads

- Web compatibility issue with Array.prototype.values

- Diagnostic information on timing for tab switching

- Fix a Canvas filters graphics issue affecting HTML5 apps

See also :

https://bugzilla.mozilla.org/show_bug.cgi?id=1304783
https://bugzilla.opensuse.org/show_bug.cgi?id=1006475
https://bugzilla.opensuse.org/show_bug.cgi?id=1006476

Solution :

Update the affected Mozilla Firefox packages.

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 94427 ()

Bugtraq ID:

CVE ID: CVE-2016-5287
CVE-2016-5288

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now