----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?

Click here to learn more:
http://secunia.com/advisories/business_solutions/

----------------------------------------------------------------------

TITLE:
SUSE Update for Mozilla Products

SECUNIA ADVISORY ID:
SA33493

VERIFY ADVISORY:
http://secunia.com/advisories/33493/

CRITICAL:
Highly critical

IMPACT:
Security Bypass, Cross Site Scripting, Exposure of sensitive
information, System access

WHERE:
>From remote

OPERATING SYSTEM:
openSUSE 10.3
http://secunia.com/advisories/product/16124/
openSUSE 11.0
http://secunia.com/advisories/product/19180/
openSUSE 11.1
http://secunia.com/advisories/product/20823/
SUSE Linux Enterprise Server 9
http://secunia.com/advisories/product/4118/
SUSE Linux Enterprise Server 10
http://secunia.com/advisories/product/12192/

SOFTWARE:
Novell Open Enterprise Server 1.x
http://secunia.com/advisories/product/4664/

DESCRIPTION:
SUSE has issued an update for MozillaFirefox, MozillaThunderbird, and
mozilla. This fixes some vulnerabilities, which can be exploited by
malicious people to bypass certain security restrictions, disclose
sensitive information, conduct cross-site scripting attacks, or
potentially compromise a user's system.

For more information:
SA33184
SA33204
SA33205

SOLUTION:
Apply updated packages.

x86 Platform:

openSUSE 11.1:

http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/i586/MozillaThunderbird-2.0.0.19-0.1.2.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/i586/MozillaThunderbird-devel-2.0.0.19-0.1.2.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/i586/MozillaThunderbird-translations-2.0.0.19-0.1.2.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/i586/mozilla-xulrunner181-1.8.1.19-1.1.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/i586/mozilla-xulrunner181-devel-1.8.1.19-1.1.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/i586/mozilla-xulrunner181-l10n-1.8.1.19-1.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/MozillaThunderbird-2.0.0.19-0.1.2.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/MozillaThunderbird-devel-2.0.0.19-0.1.2.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/MozillaThunderbird-translations-2.0.0.19-0.1.2.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/mozilla-xulrunner181-1.8.1.19-1.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/mozilla-xulrunner181-devel-1.8.1.19-1.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/mozilla-xulrunner181-l10n-1.8.1.19-1.1.i586.rpm

openSUSE 11.0:

http://download.opensuse.org/pub/opensuse/debug/update/11.0/rpm/i586/MozillaThunderbird-debuginfo-2.0.0.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.0/rpm/i586/MozillaThunderbird-debugsource-2.0.0.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.0/rpm/i586/epiphany-debuginfo-2.22.1.1-25.3.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.0/rpm/i586/epiphany-debugsource-2.22.1.1-25.3.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.0/rpm/i586/epiphany-extensions-debuginfo-2.22.0-37.3.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.0/rpm/i586/epiphany-extensions-debugsource-2.22.0-37.3.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.0/rpm/i586/mozilla-xulrunner181-debuginfo-1.8.1.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.0/rpm/i586/mozilla-xulrunner181-debugsource-1.8.1.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/MozillaThunderbird-2.0.0.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/MozillaThunderbird-devel-2.0.0.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/MozillaThunderbird-translations-2.0.0.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/epiphany-2.22.1.1-25.3.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/epiphany-devel-2.22.1.1-25.3.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/epiphany-doc-2.22.1.1-25.3.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/epiphany-extensions-2.22.0-37.3.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/mozilla-xulrunner181-1.8.1.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/mozilla-xulrunner181-devel-1.8.1.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/mozilla-xulrunner181-l10n-1.8.1.19-0.1.i586.rpm

openSUSE 10.3:

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaThunderbird-2.0.0.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaThunderbird-translations-2.0.0.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/epiphany-2.20.0-8.7.i586.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/epiphany-devel-2.20.0-8.7.i586.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/epiphany-doc-2.20.0-8.7.i586.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/epiphany-extensions-2.20.0-8.7.i586.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/mozilla-xulrunner181-1.8.1.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/mozilla-xulrunner181-devel-1.8.1.19-0.1.i586.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/mozilla-xulrunner181-l10n-1.8.1.19-0.1.i586.rpm

x86-64 Platform:

openSUSE 11.1:

http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/x86_64/mozilla-xulrunner181-32bit-1.8.1.19-1.1.x86_64.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/x86_64/mozilla-xulrunner181-l10n-32bit-1.8.1.19-1.1.x86_64.rpm

http://download.opensuse.org/pub/opensuse/update/11.1/rpm/x86_64/mozilla-xulrunner181-32bit-1.8.1.19-1.1.x86_64.rpm

http://download.opensuse.org/pub/opensuse/update/11.1/rpm/x86_64/mozilla-xulrunner181-l10n-32bit-1.8.1.19-1.1.x86_64.rpm

openSUSE 11.0:

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/mozilla-xulrunner181-32bit-1.8.1.19-0.1.x86_64.rpm

openSUSE 10.3:

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/mozilla-xulrunner181-32bit-1.8.1.19-0.1.x86_64.rpm

Sources:

openSUSE 11.1:

http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/src/MozillaThunderbird-2.0.0.19-0.1.2.src.rpm

http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/src/mozilla-xulrunner181-1.8.1.19-1.1.src.rpm

http://download.opensuse.org/pub/opensuse/update/11.1/rpm/src/MozillaThunderbird-2.0.0.19-0.1.2.src.rpm

http://download.opensuse.org/pub/opensuse/update/11.1/rpm/src/mozilla-xulrunner181-1.8.1.19-1.1.src.rpm

openSUSE 11.0:

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/MozillaThunderbird-2.0.0.19-0.1.src.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/epiphany-2.22.1.1-25.3.src.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/epiphany-extensions-2.22.0-37.3.src.rpm

http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/mozilla-xulrunner181-1.8.1.19-0.1.src.rpm

openSUSE 10.3:

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/MozillaFirefox-2.0.0.19-0.1.src.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/MozillaThunderbird-2.0.0.19-0.1.src.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/epiphany-2.20.0-8.7.src.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/epiphany-extensions-2.20.0-8.7.src.rpm

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/mozilla-xulrunner181-1.8.1.19-0.1.src.rpm

SLE SDK 10 SP2

http://download.novell.com/index.jsp?search=Search&keywords=541ba20ce3672e889b13f6d1c3f1f63d

SUSE Linux Enterprise Server 10 SP2

http://download.novell.com/index.jsp?search=Search&keywords=541ba20ce3672e889b13f6d1c3f1f63d

http://download.novell.com/index.jsp?search=Search&keywords=33506fec82dc35bf303f22f8063bf182

SUSE Linux Enterprise 10 SP2 DEBUGINFO

http://download.novell.com/index.jsp?search=Search&keywords=33506fec82dc35bf303f22f8063bf182

SUSE Linux Enterprise Desktop 10 SP2

http://download.novell.com/index.jsp?search=Search&keywords=541ba20ce3672e889b13f6d1c3f1f63d

http://download.novell.com/index.jsp?search=Search&keywords=33506fec82dc35bf303f22f8063bf182

Open Enterprise Server

http://download.novell.com/index.jsp?search=Search&keywords=0e95b6241be3476dc7e25a19a51d3d48

Novell Linux POS 9

http://download.novell.com/index.jsp?search=Search&keywords=0e95b6241be3476dc7e25a19a51d3d48

Novell Linux Desktop 9

http://download.novell.com/index.jsp?search=Search&keywords=f3a7728c69c970d583ccc6816c706262

http://download.novell.com/index.jsp?search=Search&keywords=0e95b6241be3476dc7e25a19a51d3d48

SUSE SLES 9

http://download.novell.com/index.jsp?search=Search&keywords=0e95b6241be3476dc7e25a19a51d3d48

ORIGINAL ADVISORY:
SUSE-SA:2009:002:
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00003.html

OTHER REFERENCES:
SA33184:
http://secunia.com/advisories/33184/

SA33204:
http://secunia.com/advisories/33204/

SA33205:
http://secunia.com/advisories/33205/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------