openSUSE Security Update : Firefox (openSUSE-2016-334)

critical Nessus Plugin ID 89915

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues :

MozillaFirefox was updated to Firefox 45.0 (boo#969894)

- requires NSPR 4.12 / NSS 3.21.1

- Instant browser tab sharing through Hello

- Synced Tabs button in button bar

- Tabs synced via Firefox Accounts from other devices are now shown in dropdown area of Awesome Bar when searching

- Introduce a new preference (network.dns.blockDotOnion) to allow blocking .onion at the DNS level

- Tab Groups (Panorama) feature removed

- MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards

- MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and potential privilege escalation through CSP reports

- MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip location information for embedded iframe pages

- MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with Intel drivers

- MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright when deleting an array during MP4 processing

- MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be overridden

- MFSA 2016-22/CVE-2016-1959 (bmo#1234949) Service Worker Manager out-of-bounds read in Service Worker Manager

- MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in HTML5 string parser

- MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in SetBody

- MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using multiple WebRTC data channels

- MFSA 2016-26/CVE-2016-1963 (bmo#1238440) Memory corruption when modifying a file being read by FileReader

- MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML transformations

- MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though history navigation and Location protocol property

- MFSA 2016-29/CVE-2016-1967 (bmo#1246956) Same-origin policy violation using perfomance.getEntries and history navigation with session restore

- MFSA 2016-30/CVE-2016-1968 (bmo#1246742) Buffer overflow in Brotli decompression

- MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with malicious NPAPI plugin

- MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/ CVE-2016-1976/CVE-2016-1972 WebRTC and LibVPX vulnerabilities found through code inspection

- MFSA 2016-33/CVE-2016-1973 (bmo#1219339) Use-after-free in GetStaticInstance in WebRTC

- MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML parser following a failed allocation

- MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1 decoding in NSS (fixed by requiring 3.21.1)

- MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during processing of DER encoded keys in NSS (fixed by requiring 3.21.1)

- MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the Graphite 2 library

mozilla-nspr was updated to version 4.12

- added a PR_GetEnvSecure function, which attempts to detect if the program is being executed with elevated privileges, and returns NULL if detected. It is recommended to use this function in general purpose library code.

- fixed a memory allocation bug related to the PR_*printf functions

- exported API PR_DuplicateEnvironment, which had already been added in NSPR 4.10.9

- added support for FreeBSD aarch64

- several minor correctness and compatibility fixes

mozilla-nss was updated to NSS 3.21.1 (bmo#969894)

- required for Firefox 45.0

- MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1 decoding in NSS (fixed by requiring 3.21.1)

- MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during processing of DER encoded keys in NSS (fixed by requiring 3.21.1)

Solution

Update the affected Firefox packages.

See Also

https://bugzilla.mozilla.org/show_bug.cgi?id=1185033

https://bugzilla.mozilla.org/show_bug.cgi?id=1199923

https://bugzilla.mozilla.org/show_bug.cgi?id=1208946

https://bugzilla.mozilla.org/show_bug.cgi?id=1219339

https://bugzilla.mozilla.org/show_bug.cgi?id=1227052

https://bugzilla.mozilla.org/show_bug.cgi?id=1228103

https://bugzilla.mozilla.org/show_bug.cgi?id=1228754

https://bugzilla.mozilla.org/show_bug.cgi?id=1234949

https://bugzilla.mozilla.org/show_bug.cgi?id=1238440

https://bugzilla.mozilla.org/show_bug.cgi?id=1240760

https://bugzilla.mozilla.org/show_bug.cgi?id=1243178

https://bugzilla.mozilla.org/show_bug.cgi?id=1243335

https://bugzilla.mozilla.org/show_bug.cgi?id=1245264

https://bugzilla.mozilla.org/show_bug.cgi?id=1245528

https://bugzilla.mozilla.org/show_bug.cgi?id=1246014

https://bugzilla.mozilla.org/show_bug.cgi?id=1246054

https://bugzilla.mozilla.org/show_bug.cgi?id=1246742

https://bugzilla.mozilla.org/show_bug.cgi?id=1246956

https://bugzilla.mozilla.org/show_bug.cgi?id=1249377

https://bugzilla.mozilla.org/show_bug.cgi?id=969894

https://bugzilla.opensuse.org/show_bug.cgi?id=969894

Plugin Details

Severity: Critical

ID: 89915

File Name: openSUSE-2016-334.nasl

Version: 2.13

Type: local

Agent: unix

Published: 3/14/2016

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:mozillafirefox-translations-other, p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit, p-cpe:/a:novell:opensuse:libfreebl3-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nspr-devel, p-cpe:/a:novell:opensuse:libfreebl3, p-cpe:/a:novell:opensuse:mozilla-nss-certs, p-cpe:/a:novell:opensuse:mozilla-nss-tools, p-cpe:/a:novell:opensuse:libsoftokn3, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozillafirefox, p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo, p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-debugsource, p-cpe:/a:novell:opensuse:mozilla-nss-devel, p-cpe:/a:novell:opensuse:mozillafirefox-debugsource, p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource, p-cpe:/a:novell:opensuse:mozillafirefox-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo, cpe:/o:novell:opensuse:13.1, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit, p-cpe:/a:novell:opensuse:mozillafirefox-buildsymbols, p-cpe:/a:novell:opensuse:mozillafirefox-devel, p-cpe:/a:novell:opensuse:libsoftokn3-32bit, p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo, p-cpe:/a:novell:opensuse:mozillafirefox-branding-upstream, p-cpe:/a:novell:opensuse:mozilla-nspr, p-cpe:/a:novell:opensuse:libfreebl3-32bit, p-cpe:/a:novell:opensuse:mozilla-nspr-32bit, p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss, p-cpe:/a:novell:opensuse:mozillafirefox-translations-common, p-cpe:/a:novell:opensuse:mozilla-nss-32bit

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/12/2016

Reference Information

CVE: CVE-2016-1950, CVE-2016-1952, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, CVE-2016-1956, CVE-2016-1957, CVE-2016-1958, CVE-2016-1959, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1963, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966, CVE-2016-1967, CVE-2016-1968, CVE-2016-1970, CVE-2016-1971, CVE-2016-1972, CVE-2016-1973, CVE-2016-1974, CVE-2016-1975, CVE-2016-1976, CVE-2016-1977, CVE-2016-1979, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802