SUSE-SU-2016:0338-1 -- Suse MozillaFirefoxID: oval:org.secpod.oval:def:400814 | Date: (C)2016-11-22 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: Mozilla Firefox was updated to 38.6.0 ESR. Mozilla NSS was updated to 3.20.2. The following vulnerabilities were fixed: - CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation - CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services canproduce wrong results The following improvements were added: - bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites - Tracking protection is now enabled by default - bsc#964332: Fixed leaking file descriptors inside FIPS selfcheck code
Platform: |
SUSE Linux Enterprise Server 12 SP1 |
SUSE Linux Enterprise Desktop 12 SP1 |
SUSE Linux Enterprise Desktop 12 |
SUSE Linux Enterprise Server 12 |
Product: |
MozillaFirefox |
MozillaFirefox-branding-SLE |
mozilla-nss |