openSUSE Security Update : Mozilla Firefox (openSUSE-2016-2639)

High Nessus Plugin ID 94427


The remote openSUSE host is missing a security update.


Mozilla Firefox was updated to 49.0.2 to fix two security issues a some bugs.

The following vulnerabilities were fixed :

- CVE-2016-5287: Crash in nsTArray_base (bsc#1006475)

- CVE-2016-5288: Web content can read cache entries (bsc#1006476)

The following changes and fixes are included :

- Asynchronous rendering of the Flash plugins is now enabled by default

- Change D3D9 default fallback preference to prevent graphical artifacts

- Network issue prevents some users from seeing the Firefox UI on startup

- Web compatibility issue with file uploads

- Web compatibility issue with Array.prototype.values

- Diagnostic information on timing for tab switching

- Fix a Canvas filters graphics issue affecting HTML5 apps


Update the affected Mozilla Firefox packages.

See Also

Plugin Details

Severity: High

ID: 94427

File Name: openSUSE-2016-2639.nasl

Version: $Revision: 2.3 $

Type: local

Agent: unix

Published: 2016/10/31

Modified: 2016/11/18

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:MozillaFirefox, p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream, p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols, p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo, p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource, p-cpe:/a:novell:opensuse:MozillaFirefox-devel, p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common, p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other, cpe:/o:novell:opensuse:13.2, cpe:/o:novell:opensuse:42.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2016/10/24

Reference Information

CVE: CVE-2016-5287, CVE-2016-5288