openSUSE Security Update : MozillaFirefox / mozilla-nspr (openSUSE-SU-2014:0819-1)
Critical Nessus Plugin ID 76181
SynopsisThe remote openSUSE host is missing a security update.
Descriptionmozilla-nspr was updated to version 4.10.6 to fix one security issue :
- OOB write with sprintf and console functions (CVE-2014-1545)
MozillaFirefox was updated to version 30.0 to fix eight security issues :
- Miscellaneous memory safety hazards (CVE-2014-1533/CVE-2014-1534)
- Use-after-free and out of bounds issues found using Address Sanitizer (CVE-2014-1536/CVE-2014-1537/CVE-2014-1538)
- Use-after-free in Event Listener Manager (CVE-2014-1540)
- Use-after-free with SMIL Animation Controller (CVE-2014-1541)
- Buffer overflow in Web Audio Speex resampler (CVE-2014-1542)
Several non-security bugs were also fixed in this release.
SolutionUpdate the affected MozillaFirefox / mozilla-nspr packages.