881874 – (CVE-2014-1533) VUL-0: MozillaFirefox 30 security release

Bug 881874 (CVE-2014-1533) - VUL-0: MozillaFirefox 30 security release

Summary: VUL-0: MozillaFirefox 30 security release

Status:	RESOLVED FIXED

Alias:	CVE-2014-1533

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	All All

Priority:	P3 - Medium Severity: Major
Target Milestone:	---
Deadline:	2014-07-17
Assignee:	Petr Cerny
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:released:sle10-sp3:57803 maint:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2014-06-09 14:19 UTC by Petr Cerny
Modified:	2020-04-05 18:23 UTC (History)
CC List:	6 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Petr Cerny 2014-06-09 14:19:41 UTC

Planned release date is 2014-06-10

Firefox 30
Firefox/Thunderbird 24.6.0 ESR
Seamonkey 2.27

Comment 1 Swamp Workflow Management 2014-06-09 22:00:13 UTC

bugbot adjusting priority

Comment 2 Swamp Workflow Management 2014-06-10 08:39:59 UTC

An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2014-06-24.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/57758

Comment 3 SMASH SMASH 2014-06-10 08:40:12 UTC

Affected packages:

SLE-11-SP3: MozillaFirefox, MozillaThunderbird
SLE-11-SP2: MozillaFirefox, MozillaThunderbird
SLE-11-SP1: MozillaThunderbird, MozillaFirefox
SLE-10-SP3-TERADATA: MozillaFirefox

Comment 4 Wolfgang Rosenauer 2014-06-10 10:09:21 UTC

working on openSUSE versions.
There was a very late change last night for 24esr verions and an OBS outage which will delay the final submissions a bit.

Also please note that NSPR will need an update to 4.10.6 as there is a security relevant bugfix provided together with it which makes it also mandatory for Firefox 30.

Comment 5 Marcus Meissner 2014-06-11 10:07:25 UTC

is public

Comment 6 Petr Cerny 2014-06-11 11:00:55 UTC

SeaMonkey is skipping regular release, security fixes will be contained in 2.26.1, planned release on 2014-06-14 (https://wiki.mozilla.org/SeaMonkey/StatusMeetings/2014-06-10#Status_of_the_SeaMonkey_Buildbot_Master_and_Tree).

Comment 10 Bernhard Wiedemann 2014-06-11 13:00:13 UTC

This is an autogenerated message for OBS integration:
This bug (881874) was mentioned in
https://build.opensuse.org/request/show/236861 Factory / mozilla-nspr
https://build.opensuse.org/request/show/236862 13.1 / mozilla-nspr
https://build.opensuse.org/request/show/236863 12.3 / mozilla-nspr
https://build.opensuse.org/request/show/236864 Evergreen:11.4 / mozilla-nspr
https://build.opensuse.org/request/show/236866 13.1 / MozillaFirefox
https://build.opensuse.org/request/show/236867 12.3 / MozillaFirefox
https://build.opensuse.org/request/show/236869 Factory / MozillaThunderbird
https://build.opensuse.org/request/show/236870 13.1 / MozillaThunderbird
https://build.opensuse.org/request/show/236871 12.3 / MozillaThunderbird
https://build.opensuse.org/request/show/236872 Evergreen:11.4 / MozillaThunderbird
https://build.opensuse.org/request/show/236875 Factory / MozillaFirefox

Comment 11 Bernhard Wiedemann 2014-06-12 07:00:13 UTC

This is an autogenerated message for OBS integration:
This bug (881874) was mentioned in
https://build.opensuse.org/request/show/236937 Evergreen:11.4 / MozillaFirefox

Comment 12 Johannes Segitz 2014-06-12 09:47:46 UTC

Changed severity to reflect the rating provided by https://www.mozilla.org/security/announce/

Comment 15 Swamp Workflow Management 2014-06-16 06:04:22 UTC

openSUSE-SU-2014:0797-1: An update that fixes 7 vulnerabilities is now available.

Category: security (critical)
Bug References: 881874
CVE References: CVE-2014-1533,CVE-2014-1534,CVE-2014-1536,CVE-2014-1537,CVE-2014-1538,CVE-2014-1541,CVE-2014-1545
Sources used:
openSUSE 11.4 (src):    MozillaFirefox-24.6.0-115.1, MozillaThunderbird-24.6.0-97.1, mozilla-nspr-4.10.6-44.1

Comment 16 Bernhard Wiedemann 2014-06-16 20:00:14 UTC

This is an autogenerated message for OBS integration:
This bug (881874) was mentioned in
https://build.opensuse.org/request/show/237584 Factory / seamonkey
https://build.opensuse.org/request/show/237585 13.1 / seamonkey
https://build.opensuse.org/request/show/237586 12.3 / seamonkey

Comment 17 Swamp Workflow Management 2014-06-20 09:04:22 UTC

openSUSE-SU-2014:0819-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 881874
CVE References: CVE-2014-1533,CVE-2014-1534,CVE-2014-1536,CVE-2014-1537,CVE-2014-1538,CVE-2014-1539,CVE-2014-1540,CVE-2014-1541,CVE-2014-1542,CVE-2014-1543,CVE-2014-1545
Sources used:
openSUSE 13.1 (src):    MozillaFirefox-30.0-29.1, mozilla-nspr-4.10.6-12.1, mozilla-nss-3.16-23.1
openSUSE 12.3 (src):    MozillaFirefox-30.0-1.68.1, mozilla-nspr-4.10.6-1.30.1, mozilla-nss-3.16-1.39.1

Comment 18 Swamp Workflow Management 2014-06-20 14:04:26 UTC

Update released for: MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-devel, MozillaFirefox-translations, mozilla-nspr, mozilla-nspr-debuginfo, mozilla-nspr-devel, mozilla-nss, mozilla-nss-debuginfo, mozilla-nss-devel, mozilla-nss-tools
Products:
SLE-DEBUGINFO 10-SP3-TERADATA (x86_64)
SLE-SERVER 10-SP3-TERADATA (x86_64)

Comment 19 Swamp Workflow Management 2014-06-20 18:53:04 UTC

Update released for: MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-debugsource, MozillaFirefox-devel, MozillaFirefox-translations, libfreebl3, libfreebl3-32bit, libfreebl3-64bit, libfreebl3-x86, libsoftokn3, libsoftokn3-32bit, libsoftokn3-64bit, libsoftokn3-x86, mozilla-nspr, mozilla-nspr-32bit, mozilla-nspr-64bit, mozilla-nspr-debuginfo, mozilla-nspr-debuginfo-32bit, mozilla-nspr-debuginfo-64bit, mozilla-nspr-debuginfo-x86, mozilla-nspr-debugsource, mozilla-nspr-devel, mozilla-nspr-x86, mozilla-nss, mozilla-nss-32bit, mozilla-nss-64bit, mozilla-nss-debuginfo, mozilla-nss-debuginfo-32bit, mozilla-nss-debuginfo-64bit, mozilla-nss-debuginfo-x86, mozilla-nss-debugsource, mozilla-nss-devel, mozilla-nss-tools, mozilla-nss-x86
Products:
SLE-DEBUGINFO 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP3 (i386, x86_64)
SLE-SDK 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP3 (i386, x86_64)

Comment 20 Swamp Workflow Management 2014-06-20 19:50:51 UTC

Update released for: MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-devel, MozillaFirefox-translations, mozilla-nspr, mozilla-nspr-32bit, mozilla-nspr-debuginfo, mozilla-nspr-devel, mozilla-nspr-x86, mozilla-nss, mozilla-nss-32bit, mozilla-nss-debuginfo, mozilla-nss-devel, mozilla-nss-tools, mozilla-nss-x86
Products:
SLE-DEBUGINFO 10-SP3 (i386, s390x, x86_64)
SLE-SERVER 10-SP3-LTSS (i386, s390x, x86_64)

Comment 21 Swamp Workflow Management 2014-06-20 23:04:56 UTC

SUSE-SU-2014:0824-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 881874
CVE References: CVE-2014-1533,CVE-2014-1534,CVE-2014-1536,CVE-2014-1537,CVE-2014-1538,CVE-2014-1541,CVE-2014-1545
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    MozillaFirefox-24.6.0esr-0.8.1, mozilla-nspr-4.10.6-0.3.1, mozilla-nss-3.16.1-0.8.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    MozillaFirefox-24.6.0esr-0.8.1, mozilla-nspr-4.10.6-0.3.1, mozilla-nss-3.16.1-0.8.1
SUSE Linux Enterprise Server 11 SP3 (src):    MozillaFirefox-24.6.0esr-0.8.1, MozillaFirefox-branding-SLED-24-0.7.48, mozilla-nspr-4.10.6-0.3.1, mozilla-nss-3.16.1-0.8.1
SUSE Linux Enterprise Server 10 SP3 LTSS (src):    MozillaFirefox-24.6.0esr-0.5.2, MozillaFirefox-branding-SLED-24-0.12.1, mozilla-nspr-4.10.6-0.5.1, mozilla-nss-3.16.1-0.5.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    MozillaFirefox-24.6.0esr-0.8.1, MozillaFirefox-branding-SLED-24-0.7.48, mozilla-nspr-4.10.6-0.3.1, mozilla-nss-3.16.1-0.8.1

Comment 23 Swamp Workflow Management 2014-06-23 14:11:32 UTC

Update released for: MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-debugsource, MozillaFirefox-devel, MozillaFirefox-translations, libfreebl3, libfreebl3-32bit, libfreebl3-x86, mozilla-nspr, mozilla-nspr-32bit, mozilla-nspr-debuginfo, mozilla-nspr-debuginfo-32bit, mozilla-nspr-debuginfo-x86, mozilla-nspr-debugsource, mozilla-nspr-devel, mozilla-nspr-x86, mozilla-nss, mozilla-nss-32bit, mozilla-nss-debuginfo, mozilla-nss-debuginfo-32bit, mozilla-nss-debuginfo-x86, mozilla-nss-debugsource, mozilla-nss-devel, mozilla-nss-tools, mozilla-nss-x86
Products:
SLE-DEBUGINFO 11-SP1 (i386, s390x, x86_64)
SLE-SERVER 11-SP1-LTSS (i386, s390x, x86_64)

Comment 24 Swamp Workflow Management 2014-06-23 14:54:01 UTC

Update released for: MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-devel, MozillaFirefox-translations, mozilla-nspr, mozilla-nspr-32bit, mozilla-nspr-debuginfo, mozilla-nspr-devel, mozilla-nspr-x86, mozilla-nss, mozilla-nss-32bit, mozilla-nss-debuginfo, mozilla-nss-devel, mozilla-nss-tools, mozilla-nss-x86
Products:
SLE-DEBUGINFO 10-SP4 (i386, s390x, x86_64)
SLE-SERVER 10-SP4-LTSS (i386, s390x, x86_64)

Comment 25 Swamp Workflow Management 2014-06-23 18:09:26 UTC

SUSE-SU-2014:0824-2: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 881874
CVE References: CVE-2014-1533,CVE-2014-1534,CVE-2014-1536,CVE-2014-1537,CVE-2014-1538,CVE-2014-1541,CVE-2014-1545
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    MozillaFirefox-24.6.0esr-0.3.1, MozillaFirefox-branding-SLED-24-0.4.10.24, mozilla-nspr-4.10.6-0.3.1, mozilla-nss-3.16.1-0.3.1
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    MozillaFirefox-24.6.0esr-0.5.2, MozillaFirefox-branding-SLED-24-0.12.1, mozilla-nspr-4.10.6-0.5.1, mozilla-nss-3.16.1-0.5.1

Comment 26 Swamp Workflow Management 2014-06-24 15:04:39 UTC

Update released for: MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-debugsource, MozillaFirefox-devel, MozillaFirefox-translations, libfreebl3, mozilla-nspr, mozilla-nspr-debuginfo, mozilla-nspr-debugsource, mozilla-nspr-devel, mozilla-nss, mozilla-nss-debuginfo, mozilla-nss-debugsource, mozilla-nss-devel, mozilla-nss-tools
Products:
SLE-DEBUGINFO 11-SP1-TERADATA (x86_64)
SLE-SERVER 11-SP1-TERADATA (x86_64)

Comment 27 Swamp Workflow Management 2014-06-24 19:00:02 UTC

Update released for: MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-debugsource, MozillaFirefox-devel, MozillaFirefox-translations, libfreebl3, libfreebl3-32bit, libfreebl3-x86, mozilla-nspr, mozilla-nspr-32bit, mozilla-nspr-debuginfo, mozilla-nspr-debuginfo-32bit, mozilla-nspr-debuginfo-x86, mozilla-nspr-debugsource, mozilla-nspr-devel, mozilla-nspr-x86, mozilla-nss, mozilla-nss-32bit, mozilla-nss-debuginfo, mozilla-nss-debuginfo-32bit, mozilla-nss-debuginfo-x86, mozilla-nss-debugsource, mozilla-nss-devel, mozilla-nss-tools, mozilla-nss-x86
Products:
SLE-DEBUGINFO 11-SP2 (i386, s390x, x86_64)
SLE-SERVER 11-SP2-LTSS (i386, s390x, x86_64)

Comment 28 Swamp Workflow Management 2014-06-24 22:04:27 UTC

SUSE-SU-2014:0824-3: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 881874
CVE References: CVE-2014-1533,CVE-2014-1534,CVE-2014-1536,CVE-2014-1537,CVE-2014-1538,CVE-2014-1541,CVE-2014-1545
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    MozillaFirefox-24.6.0esr-0.3.1, MozillaFirefox-branding-SLED-24-0.4.10.24, mozilla-nspr-4.10.6-0.3.1, mozilla-nss-3.16.1-0.3.1

Comment 29 Marcus Meissner 2014-06-30 09:32:02 UTC

released

Comment 30 Swamp Workflow Management 2014-07-01 10:04:27 UTC

openSUSE-SU-2014:0855-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 881874
CVE References: CVE-2014-1533,CVE-2014-1534,CVE-2014-1536,CVE-2014-1537,CVE-2014-1538,CVE-2014-1539,CVE-2014-1540,CVE-2014-1541,CVE-2014-1542,CVE-2014-1543,CVE-2014-1545
Sources used:
openSUSE 13.1 (src):    seamonkey-2.26.1-28.3
openSUSE 12.3 (src):    seamonkey-2.26.1-1.53.3

Comment 31 Swamp Workflow Management 2014-07-01 10:07:29 UTC

openSUSE-SU-2014:0858-1: An update that fixes 7 vulnerabilities is now available.

Category: security (moderate)
Bug References: 881874
CVE References: CVE-2014-1533,CVE-2014-1534,CVE-2014-1536,CVE-2014-1537,CVE-2014-1538,CVE-2014-1541,CVE-2014-1545
Sources used:
openSUSE 13.1 (src):    MozillaThunderbird-24.6.0-70.23.3
openSUSE 12.3 (src):    MozillaThunderbird-24.6.0-61.51.3

Comment 32 Swamp Workflow Management 2014-07-10 15:45:02 UTC

An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2014-07-17.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/58268

Comment 33 Swamp Workflow Management 2014-07-16 20:02:26 UTC

Update released for: MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-devel, MozillaFirefox-translations, mozilla-nspr, mozilla-nspr-32bit, mozilla-nspr-debuginfo, mozilla-nspr-devel, mozilla-nspr-x86, mozilla-nss, mozilla-nss-32bit, mozilla-nss-debuginfo, mozilla-nss-devel, mozilla-nss-tools, mozilla-nss-x86
Products:
SLE-DEBUGINFO 10-SP4 (i386, s390x, x86_64)
SLE-SERVER 10-SP4-LTSS (i386, s390x, x86_64)

Comment 34 Swamp Workflow Management 2014-07-16 20:04:20 UTC

Update released for: MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-devel, MozillaFirefox-translations, mozilla-nspr, mozilla-nspr-32bit, mozilla-nspr-debuginfo, mozilla-nspr-devel, mozilla-nspr-x86, mozilla-nss, mozilla-nss-32bit, mozilla-nss-debuginfo, mozilla-nss-devel, mozilla-nss-tools, mozilla-nss-x86
Products:
SLE-DEBUGINFO 10-SP3-TERADATA (x86_64)
SLE-SERVER 10-SP3-TERADATA (x86_64)

Comment 35 Swamp Workflow Management 2014-07-16 20:56:16 UTC

Update released for: MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-upstream, MozillaFirefox-debuginfo, MozillaFirefox-devel, MozillaFirefox-translations, mozilla-nspr, mozilla-nspr-32bit, mozilla-nspr-debuginfo, mozilla-nspr-devel, mozilla-nspr-x86, mozilla-nss, mozilla-nss-32bit, mozilla-nss-debuginfo, mozilla-nss-devel, mozilla-nss-tools, mozilla-nss-x86
Products:
SLE-DEBUGINFO 10-SP3 (i386, s390x, x86_64)
SLE-SERVER 10-SP3-LTSS (i386, s390x, x86_64)

Comment 36 Swamp Workflow Management 2014-07-17 00:04:36 UTC

SUSE-SU-2014:0905-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 881874
CVE References: CVE-2014-1533,CVE-2014-1534,CVE-2014-1536,CVE-2014-1537,CVE-2014-1538,CVE-2014-1541,CVE-2014-1545
Sources used:
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    MozillaFirefox-24.6.0esr-0.5.4, MozillaFirefox-branding-SLED-24-0.12.4, mozilla-nspr-4.10.6-0.5.4, mozilla-nss-3.16.1-0.5.4
SUSE Linux Enterprise Server 10 SP3 LTSS (src):    MozillaFirefox-24.6.0esr-0.5.4, MozillaFirefox-branding-SLED-24-0.12.4, mozilla-nspr-4.10.6-0.5.4, mozilla-nss-3.16.1-0.5.4

Comment 37 Swamp Workflow Management 2014-09-09 16:23:10 UTC

openSUSE-SU-2014:1100-1: An update that fixes 475 vulnerabilities is now available.

Category: security (important)
Bug References: 104586,354469,385739,390992,417869,41903,429179,439841,441084,455804,484321,503151,518603,527418,528406,529180,542809,559819,576969,582276,586567,593807,603356,622506,637303,642502,645315,649492,657016,664211,667155,689281,701296,712224,714931,720264,726758,728520,732898,733002,737533,744275,746616,747328,749440,750044,755060,758408,765204,771583,777588,783533,786522,790140,796895,804248,808243,813026,819204,825935,833389,840485,847708,854370,861847,868603,875378,876833,881874,887746,894201,894370
CVE References: CVE-2007-3089,CVE-2007-3285,CVE-2007-3656,CVE-2007-3670,CVE-2007-3734,CVE-2007-3735,CVE-2007-3736,CVE-2007-3737,CVE-2007-3738,CVE-2008-0016,CVE-2008-1233,CVE-2008-1234,CVE-2008-1235,CVE-2008-1236,CVE-2008-1237,CVE-2008-3835,CVE-2008-4058,CVE-2008-4059,CVE-2008-4060,CVE-2008-4061,CVE-2008-4062,CVE-2008-4063,CVE-2008-4064,CVE-2008-4065,CVE-2008-4066,CVE-2008-4067,CVE-2008-4068,CVE-2008-4070,CVE-2008-5012,CVE-2008-5014,CVE-2008-5016,CVE-2008-5017,CVE-2008-5018,CVE-2008-5021,CVE-2008-5022,CVE-2008-5024,CVE-2008-5500,CVE-2008-5501,CVE-2008-5502,CVE-2008-5503,CVE-2008-5506,CVE-2008-5507,CVE-2008-5508,CVE-2008-5510,CVE-2008-5511,CVE-2008-5512,CVE-2009-0040,CVE-2009-0771,CVE-2009-0772,CVE-2009-0773,CVE-2009-0774,CVE-2009-0776,CVE-2009-1571,CVE-2009-3555,CVE-2010-0159,CVE-2010-0173,CVE-2010-0174,CVE-2010-0175,CVE-2010-0176,CVE-2010-0182,CVE-2010-0654,CVE-2010-1121,CVE-2010-1196,CVE-2010-1199,CVE-2010-1200,CVE-2010-1201,CVE-2010-1202,CVE-2010-1203,CVE-2010-1205,CVE-2010-1211,CVE-2010-1212,CVE-2010-1213,CVE-2010-1585,CVE-2010-2752,CVE-2010-2753,CVE-2010-2754,CVE-2010-2760,CVE-2010-2762,CVE-2010-2764,CVE-2010-2765,CVE-2010-2766,CVE-2010-2767,CVE-2010-2768,CVE-2010-2769,CVE-2010-3166,CVE-2010-3167,CVE-2010-3168,CVE-2010-3169,CVE-2010-3170,CVE-2010-3173,CVE-2010-3174,CVE-2010-3175,CVE-2010-3176,CVE-2010-3178,CVE-2010-3179,CVE-2010-3180,CVE-2010-3182,CVE-2010-3183,CVE-2010-3765,CVE-2010-3768,CVE-2010-3769,CVE-2010-3776,CVE-2010-3777,CVE-2010-3778,CVE-2011-0053,CVE-2011-0061,CVE-2011-0062,CVE-2011-0069,CVE-2011-0070,CVE-2011-0072,CVE-2011-0074,CVE-2011-0075,CVE-2011-0077,CVE-2011-0078,CVE-2011-0080,CVE-2011-0081,CVE-2011-0083,CVE-2011-0084,CVE-2011-0085,CVE-2011-1187,CVE-2011-2362,CVE-2011-2363,CVE-2011-2364,CVE-2011-2365,CVE-2011-2371,CVE-2011-2372,CVE-2011-2373,CVE-2011-2374,CVE-2011-2376,CVE-2011-2377,CVE-2011-2985,CVE-2011-2986,CVE-2011-2987,CVE-2011-2988,CVE-2011-2989,CVE-2011-2991,CVE-2011-2992,CVE-2011-3000,CVE-2011-3001,CVE-2011-3005,CVE-2011-3026,CVE-2011-3062,CVE-2011-3101,CVE-2011-3232,CVE-2011-3648,CVE-2011-3650,CVE-2011-3651,CVE-2011-3652,CVE-2011-3654,CVE-2011-3655,CVE-2011-3658,CVE-2011-3659,CVE-2011-3660,CVE-2011-3661,CVE-2011-3663,CVE-2012-0441,CVE-2012-0442,CVE-2012-0443,CVE-2012-0444,CVE-2012-0445,CVE-2012-0446,CVE-2012-0447,CVE-2012-0449,CVE-2012-0451,CVE-2012-0452,CVE-2012-0455,CVE-2012-0456,CVE-2012-0457,CVE-2012-0458,CVE-2012-0459,CVE-2012-0460,CVE-2012-0461,CVE-2012-0462,CVE-2012-0463,CVE-2012-0464,CVE-2012-0467,CVE-2012-0468,CVE-2012-0469,CVE-2012-0470,CVE-2012-0471,CVE-2012-0472,CVE-2012-0473,CVE-2012-0474,CVE-2012-0475,CVE-2012-0477,CVE-2012-0478,CVE-2012-0479,CVE-2012-0759,CVE-2012-1937,CVE-2012-1938,CVE-2012-1940,CVE-2012-1941,CVE-2012-1944,CVE-2012-1945,CVE-2012-1946,CVE-2012-1947,CVE-2012-1948,CVE-2012-1949,CVE-2012-1951,CVE-2012-1952,CVE-2012-1953,CVE-2012-1954,CVE-2012-1955,CVE-2012-1956,CVE-2012-1957,CVE-2012-1958,CVE-2012-1959,CVE-2012-1960,CVE-2012-1961,CVE-2012-1962,CVE-2012-1963,CVE-2012-1967,CVE-2012-1970,CVE-2012-1972,CVE-2012-1973,CVE-2012-1974,CVE-2012-1975,CVE-2012-1976,CVE-2012-3956,CVE-2012-3957,CVE-2012-3958,CVE-2012-3959,CVE-2012-3960,CVE-2012-3961,CVE-2012-3962,CVE-2012-3963,CVE-2012-3964,CVE-2012-3966,CVE-2012-3967,CVE-2012-3968,CVE-2012-3969,CVE-2012-3970,CVE-2012-3971,CVE-2012-3972,CVE-2012-3975,CVE-2012-3978,CVE-2012-3980,CVE-2012-3982,CVE-2012-3983,CVE-2012-3984,CVE-2012-3985,CVE-2012-3986,CVE-2012-3988,CVE-2012-3989,CVE-2012-3990,CVE-2012-3991,CVE-2012-3992,CVE-2012-3993,CVE-2012-3994,CVE-2012-3995,CVE-2012-4179,CVE-2012-4180,CVE-2012-4181,CVE-2012-4182,CVE-2012-4183,CVE-2012-4184,CVE-2012-4185,CVE-2012-4186,CVE-2012-4187,CVE-2012-4188,CVE-2012-4191,CVE-2012-4192,CVE-2012-4193,CVE-2012-4194,CVE-2012-4195,CVE-2012-4196,CVE-2012-4201,CVE-2012-4202,CVE-2012-4204,CVE-2012-4205,CVE-2012-4207,CVE-2012-4208,CVE-2012-4209,CVE-2012-4212,CVE-2012-4213,CVE-2012-4214,CVE-2012-4215,CVE-2012-4216,CVE-2012-4217,CVE-2012-4218,CVE-2012-5829,CVE-2012-5830,CVE-2012-5833,CVE-2012-5835,CVE-2012-5836,CVE-2012-5837,CVE-2012-5838,CVE-2012-5839,CVE-2012-5840,CVE-2012-5841,CVE-2012-5842,CVE-2012-5843,CVE-2013-0743,CVE-2013-0744,CVE-2013-0745,CVE-2013-0746,CVE-2013-0747,CVE-2013-0748,CVE-2013-0749,CVE-2013-0750,CVE-2013-0752,CVE-2013-0753,CVE-2013-0754,CVE-2013-0755,CVE-2013-0756,CVE-2013-0757,CVE-2013-0758,CVE-2013-0760,CVE-2013-0761,CVE-2013-0762,CVE-2013-0763,CVE-2013-0764,CVE-2013-0766,CVE-2013-0767,CVE-2013-0768,CVE-2013-0769,CVE-2013-0770,CVE-2013-0771,CVE-2013-0773,CVE-2013-0774,CVE-2013-0775,CVE-2013-0776,CVE-2013-0780,CVE-2013-0782,CVE-2013-0783,CVE-2013-0787,CVE-2013-0788,CVE-2013-0789,CVE-2013-0793,CVE-2013-0795,CVE-2013-0796,CVE-2013-0800,CVE-2013-0801,CVE-2013-1669,CVE-2013-1670,CVE-2013-1674,CVE-2013-1675,CVE-2013-1676,CVE-2013-1677,CVE-2013-1678,CVE-2013-1679,CVE-2013-1680,CVE-2013-1681,CVE-2013-1682,CVE-2013-1684,CVE-2013-1685,CVE-2013-1686,CVE-2013-1687,CVE-2013-1690,CVE-2013-1692,CVE-2013-1693,CVE-2013-1694,CVE-2013-1697,CVE-2013-1701,CVE-2013-1709,CVE-2013-1710,CVE-2013-1713,CVE-2013-1714,CVE-2013-1717,CVE-2013-1718,CVE-2013-1719,CVE-2013-1720,CVE-2013-1722,CVE-2013-1723,CVE-2013-1724,CVE-2013-1725,CVE-2013-1728,CVE-2013-1730,CVE-2013-1732,CVE-2013-1735,CVE-2013-1736,CVE-2013-1737,CVE-2013-1738,CVE-2013-5590,CVE-2013-5591,CVE-2013-5592,CVE-2013-5593,CVE-2013-5595,CVE-2013-5596,CVE-2013-5597,CVE-2013-5599,CVE-2013-5600,CVE-2013-5601,CVE-2013-5602,CVE-2013-5603,CVE-2013-5604,CVE-2013-5609,CVE-2013-5610,CVE-2013-5611,CVE-2013-5612,CVE-2013-5613,CVE-2013-5614,CVE-2013-5615,CVE-2013-5616,CVE-2013-5618,CVE-2013-5619,CVE-2013-6629,CVE-2013-6630,CVE-2013-6671,CVE-2013-6672,CVE-2013-6673,CVE-2014-1477,CVE-2014-1478,CVE-2014-1479,CVE-2014-1480,CVE-2014-1481,CVE-2014-1482,CVE-2014-1483,CVE-2014-1484,CVE-2014-1485,CVE-2014-1486,CVE-2014-1487,CVE-2014-1488,CVE-2014-1489,CVE-2014-1490,CVE-2014-1491,CVE-2014-1492,CVE-2014-1493,CVE-2014-1494,CVE-2014-1497,CVE-2014-1498,CVE-2014-1499,CVE-2014-1500,CVE-2014-1502,CVE-2014-1504,CVE-2014-1505,CVE-2014-1508,CVE-2014-1509,CVE-2014-1510,CVE-2014-1511,CVE-2014-1512,CVE-2014-1513,CVE-2014-1514,CVE-2014-1518,CVE-2014-1519,CVE-2014-1522,CVE-2014-1523,CVE-2014-1524,CVE-2014-1525,CVE-2014-1526,CVE-2014-1528,CVE-2014-1529,CVE-2014-1530,CVE-2014-1531,CVE-2014-1532,CVE-2014-1533,CVE-2014-1534,CVE-2014-1536,CVE-2014-1537,CVE-2014-1538,CVE-2014-1539,CVE-2014-1540,CVE-2014-1541,CVE-2014-1542,CVE-2014-1543,CVE-2014-1544,CVE-2014-1545,CVE-2014-1547,CVE-2014-1548,CVE-2014-1549,CVE-2014-1550,CVE-2014-1552,CVE-2014-1553,CVE-2014-1555,CVE-2014-1556,CVE-2014-1557,CVE-2014-1558,CVE-2014-1559,CVE-2014-1560,CVE-2014-1561,CVE-2014-1562,CVE-2014-1563,CVE-2014-1564,CVE-2014-1565,CVE-2014-1567
Sources used:
openSUSE 11.4 (src):    MozillaFirefox-24.8.0-127.1, mozilla-nss-3.16.4-94.1