Bugzilla – Bug 983639
VUL-0: CVE-2016-2834: mozilla-nss: Memory safety bugs fixed in NSS 3.23 (MFSA 2016-61)
Last modified: 2020-06-16 22:06:21 UTC
https://www.mozilla.org/en-US/security/advisories/mfsa2016-61/ Mozilla Foundation Security Advisory 2016-61 Network Security Services (NSS) vulnerabilities Announced June 7, 2016 Reporter Tyson Smith, Jed Davis Impact Moderate Products Firefox, NSS Fixed in Firefox 47 NSS 3.23 Description Mozilla has updated the version of Network Security Services (NSS) library used in Firefox to NSS 3.23. This addresses four moderate rated networking security issues reported by Mozilla engineers Tyson Smith and Jed Davis. References Memory safety bugs fixed in NSS 3.23 (CVE-2016-2834)
openSUSE-SU-2016:1552-1: An update that solves 13 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 980384,981695,983549,983632,983638,983639,983640,983643,983644,983646,983649,983651,983652,983653,983655 CVE References: CVE-2016-2815,CVE-2016-2818,CVE-2016-2819,CVE-2016-2821,CVE-2016-2822,CVE-2016-2824,CVE-2016-2825,CVE-2016-2828,CVE-2016-2829,CVE-2016-2831,CVE-2016-2832,CVE-2016-2833,CVE-2016-2834 Sources used: openSUSE Leap 42.1 (src): MozillaFirefox-47.0-24.1, mozilla-nss-3.23-18.1 openSUSE 13.2 (src): MozillaFirefox-47.0-71.1, mozilla-nss-3.23-34.1
openSUSE-SU-2016:1557-1: An update that solves 14 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 980384,981695,983549,983632,983638,983639,983640,983643,983644,983646,983649,983651,983652,983653,983655 CVE References: CVE-2016-1950,CVE-2016-2815,CVE-2016-2818,CVE-2016-2819,CVE-2016-2821,CVE-2016-2822,CVE-2016-2824,CVE-2016-2825,CVE-2016-2828,CVE-2016-2829,CVE-2016-2831,CVE-2016-2832,CVE-2016-2833,CVE-2016-2834 Sources used: openSUSE 13.1 (src): MozillaFirefox-47.0-116.1, mozilla-nss-3.23-80.1
SUSE-SU-2016:1691-1: An update that solves 9 vulnerabilities and has four fixes is now available. Category: security (important) Bug References: 982366,983549,983638,983639,983643,983646,983651,983652,983653,983655,984006,984126,985659 CVE References: CVE-2016-2815,CVE-2016-2818,CVE-2016-2819,CVE-2016-2821,CVE-2016-2822,CVE-2016-2824,CVE-2016-2828,CVE-2016-2831,CVE-2016-2834 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): MozillaFirefox-45.2.0esr-75.2, mozilla-nspr-4.12-15.2, mozilla-nss-3.21.1-46.2 SUSE Linux Enterprise Software Development Kit 12 (src): MozillaFirefox-45.2.0esr-75.2, mozilla-nspr-4.12-15.2, mozilla-nss-3.21.1-46.2 SUSE Linux Enterprise Server 12-SP1 (src): MozillaFirefox-45.2.0esr-75.2, MozillaFirefox-branding-SLE-45.0-28.2, mozilla-nspr-4.12-15.2, mozilla-nss-3.21.1-46.2 SUSE Linux Enterprise Server 12 (src): MozillaFirefox-45.2.0esr-75.2, MozillaFirefox-branding-SLE-45.0-28.2, mozilla-nspr-4.12-15.2, mozilla-nss-3.21.1-46.2 SUSE Linux Enterprise Desktop 12-SP1 (src): MozillaFirefox-45.2.0esr-75.2, MozillaFirefox-branding-SLE-45.0-28.2, mozilla-nspr-4.12-15.2, mozilla-nss-3.21.1-46.2 SUSE Linux Enterprise Desktop 12 (src): MozillaFirefox-45.2.0esr-75.2, MozillaFirefox-branding-SLE-45.0-28.2, mozilla-nspr-4.12-15.2, mozilla-nss-3.21.1-46.2
SUSE-SU-2016:1799-1: An update that solves 9 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 983549,983638,983639,983643,983646,983651,983652,983653,983655,984006,985659 CVE References: CVE-2016-2815,CVE-2016-2818,CVE-2016-2819,CVE-2016-2821,CVE-2016-2822,CVE-2016-2824,CVE-2016-2828,CVE-2016-2831,CVE-2016-2834 Sources used: SUSE OpenStack Cloud 5 (src): MozillaFirefox-45.2.0esr-45.2, MozillaFirefox-branding-SLED-45.0-23.10, firefox-fontconfig-2.11.0-2.1, mozilla-nspr-4.12-29.1, mozilla-nss-3.21.1-35.1 SUSE Manager Proxy 2.1 (src): MozillaFirefox-45.2.0esr-45.2, MozillaFirefox-branding-SLED-45.0-23.10, firefox-fontconfig-2.11.0-2.1, mozilla-nspr-4.12-29.1, mozilla-nss-3.21.1-35.1 SUSE Manager 2.1 (src): MozillaFirefox-45.2.0esr-45.2, MozillaFirefox-branding-SLED-45.0-23.10, firefox-fontconfig-2.11.0-2.1, mozilla-nspr-4.12-29.1, mozilla-nss-3.21.1-35.1 SUSE Linux Enterprise Software Development Kit 11-SP4 (src): MozillaFirefox-45.2.0esr-45.2, firefox-fontconfig-2.11.0-2.1, mozilla-nspr-4.12-29.1, mozilla-nss-3.21.1-35.1 SUSE Linux Enterprise Server 11-SP4 (src): MozillaFirefox-45.2.0esr-45.2, MozillaFirefox-branding-SLED-45.0-23.10, firefox-fontconfig-2.11.0-2.1, mozilla-nspr-4.12-29.1, mozilla-nss-3.21.1-35.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): MozillaFirefox-45.2.0esr-45.2, MozillaFirefox-branding-SLED-45.0-23.10, firefox-fontconfig-2.11.0-2.1, mozilla-nspr-4.12-29.1, mozilla-nss-3.21.1-35.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): MozillaFirefox-45.2.0esr-45.2, MozillaFirefox-branding-SLED-45.0-23.10, firefox-fontconfig-2.11.0-2.1, mozilla-nspr-4.12-29.1, mozilla-nss-3.21.1-35.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): MozillaFirefox-45.2.0esr-45.2, firefox-fontconfig-2.11.0-2.1, mozilla-nspr-4.12-29.1, mozilla-nss-3.21.1-35.1
SUSE-SU-2016:2061-1: An update that fixes 24 vulnerabilities is now available. Category: security (important) Bug References: 983549,983638,983639,983643,983646,983651,983652,983653,983655,984006,985659,989196,990628,990856,991809 CVE References: CVE-2016-2815,CVE-2016-2818,CVE-2016-2819,CVE-2016-2821,CVE-2016-2822,CVE-2016-2824,CVE-2016-2828,CVE-2016-2830,CVE-2016-2831,CVE-2016-2834,CVE-2016-2835,CVE-2016-2836,CVE-2016-2837,CVE-2016-2838,CVE-2016-2839,CVE-2016-5252,CVE-2016-5254,CVE-2016-5258,CVE-2016-5259,CVE-2016-5262,CVE-2016-5263,CVE-2016-5264,CVE-2016-5265,CVE-2016-6354 Sources used: SUSE Linux Enterprise Server 11-SP2-LTSS (src): MozillaFirefox-45.3.0esr-48.1, MozillaFirefox-branding-SLED-45.0-20.38, firefox-fontconfig-2.11.0-4.2, mozilla-nspr-4.12-25.2, mozilla-nss-3.21.1-26.2 SUSE Linux Enterprise Debuginfo 11-SP2 (src): MozillaFirefox-45.3.0esr-48.1, firefox-fontconfig-2.11.0-4.2, mozilla-nspr-4.12-25.2, mozilla-nss-3.21.1-26.2
released
SUSE-SU-2017:1175-1: An update that fixes 29 vulnerabilities is now available. Category: security (important) Bug References: 1015499,1015547,1021636,1030071,1035082,983639 CVE References: CVE-2016-1950,CVE-2016-2834,CVE-2016-8635,CVE-2016-9574,CVE-2017-5429,CVE-2017-5432,CVE-2017-5433,CVE-2017-5434,CVE-2017-5435,CVE-2017-5436,CVE-2017-5437,CVE-2017-5438,CVE-2017-5439,CVE-2017-5440,CVE-2017-5441,CVE-2017-5442,CVE-2017-5443,CVE-2017-5444,CVE-2017-5445,CVE-2017-5446,CVE-2017-5447,CVE-2017-5448,CVE-2017-5459,CVE-2017-5460,CVE-2017-5461,CVE-2017-5462,CVE-2017-5464,CVE-2017-5465,CVE-2017-5469 Sources used: SUSE OpenStack Cloud 5 (src): MozillaFirefox-45.9.0esr-71.2, mozilla-nspr-4.13.1-32.1, mozilla-nss-3.29.5-46.1 SUSE Manager Proxy 2.1 (src): MozillaFirefox-45.9.0esr-71.2, mozilla-nspr-4.13.1-32.1, mozilla-nss-3.29.5-46.1 SUSE Manager 2.1 (src): MozillaFirefox-45.9.0esr-71.2, mozilla-nspr-4.13.1-32.1, mozilla-nss-3.29.5-46.1 SUSE Linux Enterprise Software Development Kit 11-SP4 (src): MozillaFirefox-45.9.0esr-71.2, mozilla-nspr-4.13.1-32.1, mozilla-nss-3.29.5-46.1 SUSE Linux Enterprise Server 11-SP4 (src): MozillaFirefox-45.9.0esr-71.2, mozilla-nspr-4.13.1-32.1, mozilla-nss-3.29.5-46.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): MozillaFirefox-45.9.0esr-71.2, mozilla-nspr-4.13.1-32.1, mozilla-nss-3.29.5-46.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): MozillaFirefox-45.9.0esr-71.2, mozilla-nspr-4.13.1-32.1, mozilla-nss-3.29.5-46.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): MozillaFirefox-45.9.0esr-71.2, mozilla-nspr-4.13.1-32.1, mozilla-nss-3.29.5-46.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): MozillaFirefox-45.9.0esr-71.2, mozilla-nspr-4.13.1-32.1, mozilla-nss-3.29.5-46.1
SUSE-SU-2017:1248-1: An update that fixes 29 vulnerabilities is now available. Category: security (important) Bug References: 1015499,1015547,1021636,1026102,1030071,1035082,983639 CVE References: CVE-2016-1950,CVE-2016-2834,CVE-2016-8635,CVE-2016-9574,CVE-2017-5429,CVE-2017-5432,CVE-2017-5433,CVE-2017-5434,CVE-2017-5435,CVE-2017-5436,CVE-2017-5437,CVE-2017-5438,CVE-2017-5439,CVE-2017-5440,CVE-2017-5441,CVE-2017-5442,CVE-2017-5443,CVE-2017-5444,CVE-2017-5445,CVE-2017-5446,CVE-2017-5447,CVE-2017-5448,CVE-2017-5459,CVE-2017-5460,CVE-2017-5461,CVE-2017-5462,CVE-2017-5464,CVE-2017-5465,CVE-2017-5469 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP2 (src): MozillaFirefox-45.9.0esr-105.1, mozilla-nspr-4.13.1-18.1, mozilla-nss-3.29.5-57.1 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): MozillaFirefox-45.9.0esr-105.1, mozilla-nspr-4.13.1-18.1, mozilla-nss-3.29.5-57.1 SUSE Linux Enterprise Server for SAP 12 (src): MozillaFirefox-45.9.0esr-105.1, mozilla-nspr-4.13.1-18.1, mozilla-nss-3.29.5-57.1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): MozillaFirefox-45.9.0esr-105.1, java-1_8_0-openjdk-1.8.0.121-23.4, mozilla-nspr-4.13.1-18.1, mozilla-nss-3.29.5-57.1 SUSE Linux Enterprise Server 12-SP2 (src): MozillaFirefox-45.9.0esr-105.1, java-1_8_0-openjdk-1.8.0.121-23.4, mozilla-nspr-4.13.1-18.1, mozilla-nss-3.29.5-57.1 SUSE Linux Enterprise Server 12-SP1 (src): MozillaFirefox-45.9.0esr-105.1, java-1_8_0-openjdk-1.8.0.121-23.4, mozilla-nspr-4.13.1-18.1, mozilla-nss-3.29.5-57.1 SUSE Linux Enterprise Server 12-LTSS (src): MozillaFirefox-45.9.0esr-105.1, mozilla-nspr-4.13.1-18.1, mozilla-nss-3.29.5-57.1 SUSE Linux Enterprise Desktop 12-SP2 (src): MozillaFirefox-45.9.0esr-105.1, java-1_8_0-openjdk-1.8.0.121-23.4, mozilla-nspr-4.13.1-18.1, mozilla-nss-3.29.5-57.1 SUSE Linux Enterprise Desktop 12-SP1 (src): MozillaFirefox-45.9.0esr-105.1, java-1_8_0-openjdk-1.8.0.121-23.4, mozilla-nspr-4.13.1-18.1, mozilla-nss-3.29.5-57.1