openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-960)

High Nessus Plugin ID 92853

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.7

Synopsis

The remote openSUSE host is missing a security update.

Description

Mozilla Firefox was updated to 48.0 to fix security issues, bugs, and deliver various improvements.

The following major changes are included :

- Process separation (e10s) is enabled for some users

- Add-ons that have not been verified and signed by Mozilla will not load

- WebRTC enhancements

- The media parser has been redeveloped using the Rust programming language

- better Canvas performance with speedy Skia support

- Now requires NSS 3.24

The following security issues were fixed: (boo#991809)

- CVE-2016-2835/CVE-2016-2836: Miscellaneous memory safety hazards

- CVE-2016-2830: Favicon network connection can persist when page is closed

- CVE-2016-2838: Buffer overflow rendering SVG with bidirectional content

- CVE-2016-2839: Cairo rendering crash due to memory allocation issue with FFmpeg 0.10

- CVE-2016-5251: Location bar spoofing via data URLs with malformed/invalid mediatypes

- CVE-2016-5252: Stack underflow during 2D graphics rendering

- CVE-2016-0718: Out-of-bounds read during XML parsing in Expat library

- CVE-2016-5254: Use-after-free when using alt key and toplevel menus

- CVE-2016-5255: Crash in incremental garbage collection in JavaScript

- CVE-2016-5258: Use-after-free in DTLS during WebRTC session shutdown

- CVE-2016-5259: Use-after-free in service workers with nested sync events

- CVE-2016-5260: Form input type change from password to text can store plain text password in session restore file

- CVE-2016-5261: Integer overflow in WebSockets during data buffering

- CVE-2016-5262: Scripts on marquee tag can execute in sandboxed iframes

- CVE-2016-2837: Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback

- CVE-2016-5263: Type confusion in display transformation

- CVE-2016-5264: Use-after-free when applying SVG effects

- CVE-2016-5265: Same-origin policy violation using local HTML file and saved shortcut file

- CVE-2016-5266: Information disclosure and local file manipulation through drag and drop

- CVE-2016-5268: Spoofing attack through text injection into internal error pages

- CVE-2016-5250: Information disclosure through Resource Timing API during page navigation

The following non-security changes are included :

- The AppData description and screenshots were updated.

- Fix Firefox crash on startup on i586 (boo#986541)

- The Selenium WebDriver may have caused Firefox to crash at startup

- fix build issues with gcc/binutils combination used in Leap 42.2 (boo#984637)

- Fix running on 48bit va aarch64 (boo#984126)

- fix XUL dialog button order under KDE session (boo#984403)

Mozilla NSS was updated to 3.24 as a dependency.

Changes in mozilla-nss :

- NSS softoken updated with latest NIST guidance

- NSS softoken updated to allow NSS to run in FIPS Level 1 (no password)

- Various added and deprecated functions

- Remove most code related to SSL v2, including the ability to actively send a SSLv2-compatible client hello.

- Protect against the Cachebleed attack.

- Disable support for DTLS compression.

- Improve support for TLS 1.3. This includes support for DTLS 1.3. (experimental)

Solution

Update the affected MozillaFirefox / mozilla-nss packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=984126

https://bugzilla.opensuse.org/show_bug.cgi?id=984403

https://bugzilla.opensuse.org/show_bug.cgi?id=984637

https://bugzilla.opensuse.org/show_bug.cgi?id=986541

https://bugzilla.opensuse.org/show_bug.cgi?id=991809

Plugin Details

Severity: High

ID: 92853

File Name: openSUSE-2016-960.nasl

Version: 2.7

Type: local

Agent: unix

Published: 2016/08/11

Updated: 2020/06/04

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 6.7

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:MozillaFirefox, p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream, p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols, p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo, p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource, p-cpe:/a:novell:opensuse:MozillaFirefox-devel, p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common, p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other, p-cpe:/a:novell:opensuse:libfreebl3, p-cpe:/a:novell:opensuse:libfreebl3-32bit, p-cpe:/a:novell:opensuse:libfreebl3-debuginfo, p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit, p-cpe:/a:novell:opensuse:libsoftokn3, p-cpe:/a:novell:opensuse:libsoftokn3-32bit, p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo, p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss, p-cpe:/a:novell:opensuse:mozilla-nss-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-certs, p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-debugsource, p-cpe:/a:novell:opensuse:mozilla-nss-devel, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-tools, p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo, cpe:/o:novell:opensuse:13.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2016/08/10

Reference Information

CVE: CVE-2016-0718, CVE-2016-2830, CVE-2016-2835, CVE-2016-2836, CVE-2016-2837, CVE-2016-2838, CVE-2016-2839, CVE-2016-5250, CVE-2016-5251, CVE-2016-5252, CVE-2016-5254, CVE-2016-5255, CVE-2016-5258, CVE-2016-5259, CVE-2016-5260, CVE-2016-5261, CVE-2016-5262, CVE-2016-5263, CVE-2016-5264, CVE-2016-5265, CVE-2016-5266, CVE-2016-5268