SynopsisThe remote openSUSE host is missing a security update.
DescriptionThe Mozilla Firefox browser was updated to version 3.0.11, fixing various bugs and security issues :
- MFSA 2009-24/CVE-2009-1392/CVE-2009-1832/CVE-2009-1833 Crashes with evidence of memory corruption (rv:220.127.116.11)
- MFSA 2009-25/CVE-2009-1834 (bmo#479413) URL spoofing with invalid unicode characters
- MFSA 2009-26/CVE-2009-1835 (bmo#491801) Arbitrary domain cookie access by local file: resources
- MFSA 2009-27/CVE-2009-1836 (bmo#479880) SSL tampering via non-200 responses to proxy CONNECT requests
- MFSA 2009-28/CVE-2009-1837 (bmo#486269) Race condition while accessing the private data of a NPObject JS wrapper class object
- MFSA 2009-29/CVE-2009-1838 (bmo#489131) Arbitrary code execution using event listeners attached to an element whose owner document is null
- MFSA 2009-30/CVE-2009-1839 (bmo#479943) Incorrect principal set for file: resources loaded via location bar
- MFSA 2009-31/CVE-2009-1840 (bmo#477979) XUL scripts bypass content-policy checks
SolutionUpdate the affected MozillaFirefox packages.