Please Install the Updated Packages.

This patch contains * mozilla-nss 3.15.3.1 which includes a certstore update (1.95) to explicitely revoke AC DG Tresor SSL intermediate CA which was misused. * Firefox 24.2esr * Thunderbird 24.2 * Seamonkey 2.23 These updates fix several security issues: * CVE-2013-5611 Mozilla: Application Installation doorhanger persists on navigation (MFSA 2013-105) * CVE-2013-5609 Mozilla: Miscellaneous memory safety hazards (rv:24.2) (MFSA 2013-104) * CVE-2013-5610 Mozilla: Miscellaneous memory safety hazards (rv:26.0) (MFSA 2013-104) * CVE-2013-5612 Mozilla: Character encoding cross-origin XSS attack (MFSA 2013-106) * CVE-2013-5614 Mozilla: Sandbox restrictions not applied to nested object elements (MFSA 2013-107) * CVE-2013-5616 Mozilla: Use-after-free in event listeners (MFSA 2013-108) * CVE-2013-5619 Mozilla: Potential overflow in JavaScript binary search algorithms (MFSA 2013-110) * CVE-2013-6671 Mozilla: Segmentation violation when replacing ordered list elements (MFSA 2013-111) * CVE-2013-6673 Mozilla: Trust settings for built-in roots ignored during EV certificate validation (MFSA 2013-113) * CVE-2013-5613 Mozilla: Use-after-free in synthetic mouse movement (MFSA 2013-114) * CVE-2013-5615 Mozilla: GetElementIC typed array stubs can be generated outside observed typesets (MFSA 2013-115) * CVE-2013-6672 Mozilla: Linux clipboard information disclosure though selection paste (MFSA 2013-112) * CVE-2013-5618 Mozilla: Use-after-free during Table Editing (MFSA 2013-109)

Mozilla on openSUSE 11.4

• http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00004.html

---

Updated on 2015-03-25