Описание
Security update for xulrunner
XULRunner was updated to 38.6.0 to fix two security issues.
The following vulnerabilities were fixed:
- CVE-2016-1930: Miscellaneous memory safety hazards (boo#963632)
- CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (boo#963635)
Список пакетов
openSUSE Leap 42.1
xulrunner-38.6.0-10.2
xulrunner-32bit-38.6.0-10.2
xulrunner-devel-38.6.0-10.2
Ссылки
- E-Mail link for openSUSE-SU-2016:0310-1
- SUSE Security Ratings
Описание
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Затронутые продукты
openSUSE Leap 42.1:xulrunner-32bit-38.6.0-10.2
openSUSE Leap 42.1:xulrunner-38.6.0-10.2
openSUSE Leap 42.1:xulrunner-devel-38.6.0-10.2
Ссылки
- CVE-2016-1930
- SUSE Bug 963520
- SUSE Bug 963632
Описание
Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.
Затронутые продукты
openSUSE Leap 42.1:xulrunner-32bit-38.6.0-10.2
openSUSE Leap 42.1:xulrunner-38.6.0-10.2
openSUSE Leap 42.1:xulrunner-devel-38.6.0-10.2
Ссылки
- CVE-2016-1935
- SUSE Bug 963520
- SUSE Bug 963635