---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox SECUNIA ADVISORY ID: SA29645 VERIFY ADVISORY: http://secunia.com/advisories/29645/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ openSUSE 10.2 http://secunia.com/product/13375/ openSUSE 10.3 http://secunia.com/product/16124/ SUSE Linux 10.1 http://secunia.com/product/10796/ DESCRIPTION: SUSE has issued an update for MozillaFirefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system. For more information: SA29526 SOLUTION: Apply updated packages. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.13-0.1.i586.rpm 51d8a8c8edb273d218f953594c6ddf3c ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.13-0.1.i586.rpm 5e251d0f4081b0a85426c3980dfab1de SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-2.0.0.13-0.2.i586.rpm b499f3f8d9ba4256252061aab28f0c6a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-translations-2.0.0.13-0.2.i586.rpm 91503917ccefab19dbc15c1278b74e87 openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.13-0.1.i586.rpm 69a8dea7a11bf49d2904ae6f9d97ae6b http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.13-0.1.i586.rpm bb6cb21d18921ccbd5beeb3168f9534e Power PC Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/MozillaFirefox-2.0.0.13-0.1.ppc.rpm c71b7bfc6208f1325d38709203b4b499 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/MozillaFirefox-translations-2.0.0.13-0.1.ppc.rpm e930fd3b905d3e4ffa8700a7fe640de3 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-2.0.0.13-0.1.ppc.rpm 0a33a67ae69a50ffbadd8a048faff6b8 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-translations-2.0.0.13-0.1.ppc.rpm 3fdead7625dc869721a03253d3906792 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-2.0.0.13-0.2.ppc.rpm 9216457807f5d91115002460b9e5085f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-translations-2.0.0.13-0.2.ppc.rpm 6ac3fddcccee1effd9a50abb3a391a83 x86-64 Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/MozillaFirefox-2.0.0.13-0.1.x86_64.rpm 5400995c1eb085079dbb9a4d481cc532 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/MozillaFirefox-translations-2.0.0.13-0.1.x86_64.rpm d6e6d70d5bc2be14bd3c855826a5a963 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-2.0.0.13-0.1.x86_64.rpm 827cf91765f9b3e32642199902199e04 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-translations-2.0.0.13-0.1.x86_64.rpm 6f637200918e4ef723fe738294d506aa Sources: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/MozillaFirefox-2.0.0.13-0.1.src.rpm 1d730e60aeea0a130c4f5ffd938e987d openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaFirefox-2.0.0.13-0.1.src.rpm fe6559ddb5339d0192bb1dc18e4ad3b7 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/MozillaFirefox-2.0.0.13-0.2.src.rpm 3e764986a1f07439e43d58046333ab55 Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/ad3e48b131593041b00e35f46ab10b61.html SUSE Linux Enterprise Server 10 SP1 http://support.novell.com/techcenter/psdb/582b39035a906e2902717de1327b2cf2.html SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/582b39035a906e2902717de1327b2cf2.html ORIGINAL ADVISORY: http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html OTHER REFERENCES: SA29526: http://secunia.com/advisories/29526/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------